What is Risk?

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
1 hour 39 minutes
Difficulty
Intermediate
CEU/CPE
1
Video Transcription
00:02
This is risk management and information technology.
00:05
In this lesson, we will be talking about risk
00:09
will be defining risk as a business term.
00:12
We'll talk about different risk scenarios then we will define risk in terms of cybersecurity.
00:18
Mhm.
00:19
So what is risk
00:22
Merriam Webster defines risk as a possibility of loss or injury
00:28
In business terms, risk is the chance of loss of assets that can be disruptive to the business
00:33
assets include hardware or the server your application runs on software
00:39
or the people that manage these resources.
00:42
Cybersecurity terms, risk refers to potential loss or damage when a threat exploits a vulnerability
00:49
to put it in another way
00:53
as an equation, risk is equal to the number of threats times the number of vulnerabilities.
00:59
Therefore, if you reduce the number of threats or vulnerabilities, this will lower risk.
01:04
Mm hmm.
01:06
In tangible terms,
01:07
risk is losing the internet,
01:10
unable to access the email,
01:12
lots of devices
01:15
or perhaps the data stores being inaccessible.
01:19
So with that let's talk about scenarios. For example, email.
01:23
If you lose your email, you lose important data such as contracts, legal agreements or your access to your customers.
01:30
Of course the risk here is that you could lose your email server which is hosted by a vendor
01:34
for yourself inside your facility.
01:37
Or it could be caused by an outage. If it's hosted in the cloud such as office 365,
01:44
another scenario is losing the internet. So if you lose your internet connection, that means loss of business, especially if you're a website or rely on internet connectivity for your business.
01:55
And that could be caused by loss of connectivity. Let's say your modem
02:00
breaks down or your ice B has an outage.
02:05
Another scenario software
02:07
loss of functioning software could be a potential loss of business. For example, your credit card processing part of your website,
02:14
You could stop working and that could be caused by incorrect patching or data corruption.
02:21
Some companies rely on hardware,
02:23
loss of hardware function could be disrupted to their business functions and that can be caused by hardware failure or power outage. For example,
02:30
heavy machinery that
02:32
that's used for creating products or a factory.
02:37
Another risk of an organization is the loss of key personnel that can cause disruption of a business or process
02:44
people leave because there's internal issues at work or a better job offer.
02:49
Okay, let's take a quick quiz.
02:53
What is risk
02:54
a chance of loss of assets
02:58
Be the formula risk is equal to three times vulnerability.
03:01
See the likelihood that a threat will exploit the vulnerability or D. All of the above.
03:09
The answer is D All of the above.
03:13
That's right. Another one
03:15
which of the following our resources, a security guard at the front desk,
03:21
be the credit card processing software?
03:23
See internet connectivity for your business
03:27
or D. All of the above.
03:31
Yes, there is. D all of the above.
03:36
Okay. One last
03:38
which of the following does not reduce risk. A threat
03:43
be vulnerability.
03:44
See risk
03:46
D. And B.
03:50
Yeah.
03:51
Yes, it is. See
03:53
risk.
03:55
So let's summarize,
03:57
okay.
03:58
Risk is the potential of losing an asset
04:00
that can cause damage
04:02
when a threat exploits a vulnerability
04:05
and applies to resources or assets.
04:10
Examples of these assets are hardware such as tools to create products, software such as email or databases and key personnel.
04:18
Thank you for completing this lesson. This is your instructor robert gonna
Up Next