Page 15 - CyberSecurityEssentialsEnglish
Cybersecurity
Definition
The ITU defines cybersecurity as "The collection of tools, policies, security concepts, security safeguards,
guidelines, risk management approaches, actions, training, best practices, assurance and technologies that
security teams can use to protect cyberspace, organization, and user's assets."
Terminologies
The word "threat" is frequently confused with the terms "risk" and "vulnerability." In cybersecurity, however,
it is important to distinguish between threat, risk and vulnerability.
A vulnerability is a weakness in hardware, software, or an online service that attackers can exploit.
Common Vulnerabilities and Exposures (CVE) is a database of information-security vulnerabilities and
exposures, each with an identification number, a description, and at least one public reference.
A cyber threat is any circumstance or event with the potential to harm organizational or national operations,
such as mission, functions, image, or reputation.
Cyber risk refers to the potential for damage to, loss of, or destruction of an asset when a threat exploits a
vulnerability. In other words: Threats + Vulnerability = Risk
Cybercrime is criminal activity that either uses or targets a computer, a computer network or a networked
device.
Every cyber risk starts with an undiscovered vulnerability that is used to develop a threat; when that threat
is executed, it leads to a risk. Such a process is called a cybercrime, as shown in Figure 2.
Figure 2 Cyber-crime scenario

