Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

threat

Abbreviation(s) and Synonym(s): Definition(s):

  An event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss. Note: The specific causes of asset loss, and for which the consequences of asset loss are assessed, can arise from a variety of conditions and events related to adversity, typically referred to as disruptions, hazards, or threats. Regardless of the specific term used, the basis of asset loss constitutes all forms of intentional, unintentional, accidental, incidental, misuse, abuse, error, weakness, defect, fault, and/or failure events and associated conditions.
Source(s):
NIST SP 800-160 [Superseded]

  An event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss. Note: The specific causes of asset loss, and for which the consequences of asset loss are assessed, can arise from a variety of conditions and events related to adversity, typically referred to as disruptions, hazards, or threats. Regardless of the specific term used, the basis of asset loss constitutes all forms of intentional, unintentional, accidental, incidental, misuse, abuse, error, weakness, defect, fault, and/or failure events and associated conditions.
Source(s):
NIST SP 800-160 [Superseded]

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability.
Source(s):
FIPS 200 under THREAT (CNSSI 4009 - Adapted)

  See threat.
Source(s):
NIST SP 800-150 under Cyber Threat

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
CNSSI 4009-2015 (NIST SP 800-30 Rev. 1)
NIST SP 800-128 under Threat (CNSSI 4009)
NIST SP 800-137 under Threat (CNSSI 4009 - Adapted)
NIST SP 800-161 under Threat (NIST SP 800-53 Rev. 4, CNSSI 4009)
NIST SP 800-37 Rev. 1 under Threat (CNSSI 4009 - Adapted)
NIST SP 800-39 under Threat (CNSSI 4009)
NIST SP 800-53 Rev. 4 under Threat (CNSSI 4009 - Adapted)
NIST SP 800-53A Rev. 4 under Threat (CNSSI 4009)
NISTIR 7621 Rev. 1 under Threat (NIST SP 800-53 Rev. 4)
NISTIR 7622 under Threat (CNSSI 4009, NIST SP 800-27, NIST SP 800-37, NIST SP 800-53A, NIST SP 800-60, NIST SP 800-53)

  Any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-18 Rev. 1 under Threat (CNSSI 4009 - Adapted)
NIST SP 800-82 Rev. 2 under Threat (NIST SP 800-53)

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Source(s):
NIST SP 800-150 under Threat (NIST SP 800-30 Rev. 1)
NIST SP 800-30 Rev. 1 under Threat (CNSSI 4009)

  Any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-171 Rev. 1 (CNSSI 4009 - Adapted)

  The potential for a threat-source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability.
Source(s):
NIST SP 800-47 under Threat

  The potential for a “threat source” (defined below) to exploit (intentional) or trigger (accidental) a specific vulnerability.
Source(s):
NIST SP 800-33

  A possible danger to a computer system, which may result in the interception, alteration, obstruction, or destruction of computational resources, or other disruption to the system.
Source(s):
NIST SP 800-28 Version 2 under Threat

  Any circumstance or event with the potential to harm an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service. Threats arise from human actions and natural events.
Source(s):
NIST SP 800-27 Rev. A [Withdrawn]

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-12 Rev. 1 under Threat (NIST SP 800-30)

  an activity, deliberate or unintentional, with the potential for causing harm to anautomated information system or activity.
Source(s):
NIST SP 800-16 under Threat

  Any circumstance or event with the potential to adversely impact agency operations (including mission function, image, or reputation), agency assets or individuals through an information system via unauthorized access, destruction, disclosure, modification of data, and/or denial of service [SP 800-53].
Source(s):
NIST SP 800-57 Part 2 under Threat

  Any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-60 Vol. 1 Rev. 1 under Threat (CNSSI 4009 - Adapted)
NIST SP 800-60 Vol. 2 Rev. 1 under Threat (CNSSI 4009 - Adapted)

  The potential source of an adverse event.
Source(s):
NIST SP 800-61 Rev. 2 under Threat

  Any circumstance or event with the potential to cause harm to an information system in the form of destruction, disclosure, adverse modification of data, and/or denial of service.
Source(s):
NIST SP 800-32 under Threat (CNSSI 4009)

  Any circumstance or event with the potential to cause the security of the system to be compromised.
Source(s):
NISTIR 4734 under Threat

  the likelihood or frequency of a harmful event occurring
Source(s):
NISTIR 7435 under Threat

  potential cause of an unwanted incident, which may result in harm to a system or organization
Source(s):
NISTIR 8053 (ISO/IEC 27000:2014)