A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general.
A threat can be broken down into three components -
- A cyber threat is an activity intended to compromise the security of an information system by altering the availability, integrity, or confidentiality of a system or the information it contains.
- Cyber threat actors are states, groups, or individuals who, with malicious intent, aim to take advantage of vulnerabilities, low cybersecurity awareness, and technological developments to gain unauthorised access to information systems in order to access or otherwise affect victims’ data, devices, systems, and networks.
- The cyber threat environment is the online space where cyber threat actors conduct malicious cyber threat activity.
Understand your enemy
There are different types of cyber-attackers. Understanding their motivations will help you understand which of these may see you as a target and therefore the level of risk you or your organisation could be exposed to. The most common motivation for a cyber-attack is for money or acquiring something that can be traded for money such as your data, intellectual property rights (IPR), credentials, bank or credit card details.
In the UK and Northern Ireland, the primary source of attacks on businesses and individuals are through organised crime gangs (OCGs) and some Nation-State activity.The globalised nature of the Internet allows these threat actors to be physically located anywhere in the world and still affect the security of information systems in Northern Ireland.