Class Test Revision (2) Flashcards
What are the three essential components of security risk?
Threat
Vulnerability
Impact
What is security risk?
It is the amount of harm that is likely to arise if no further action is taken
Can you explain each of the component in security risk?
1) Threat - product of the intentions and capabilities of threat actors
2) Vulnerability - gaps or weaknesses in the potential victim’s protective security defences
3) Impact - measure of consequences of a successful attack
Are security risks dynamic or adaptive?
Security risks are BOTH dynamic and adaptive, they can rapidly change over time and arise from the actions of purposeful actors
What is protective security?
It is an enduring process, not a state.
How does security risk relate to emergent properties of complex adaptive systems?
They are capable of undergoing very rapid, non-linear changes, the outcomes of which are impossible to predict.
What is the aim of abstraction
When studying a system, the abstraction step aims at avoiding unnecessary details by classification, aggregation or generalization.
Why is model never a reality?
Models simplify reality for the purpose of studying, but it is never reality.
What is the downside of models and how can we overcome this?
Models are always a simplification according to Dekkers book in C3 (they represent a lower level of complexity that the original) hence the systems hierarchy of Boulding offers another way of looking at the validity of models from lower for higher levels.
