Follow Mark on LinkedIn Follow @marknca on Twitter Follow marknca on YouTube
marknca

Mornings With Mark
no. // 0 0 0 7

Cybersecurity Basics #2 - Vulnerabilities, Exploits, and Threats

Subscribe to the podcast.

Watch the episode here

Join the discussion on LinkedIn

Tweet about this episode

Full machine generated transcript follows

Morning, everybody. How you doing today? Obviously little off today at based on the time through here in a super super glamorous business Hotel again last night coming at you this morning. If you're coming by West Coast time. I'm an hour and 13 minutes early, which is a bonus for me today to talk about a few things in a few key terms and people mess up all the time.

So I will talk to you about ability fretzin risk. Super exciting but this is the core of how we figure out whether something's worth taking action on and what I mean by taking action on is it worth doing something about number of things that you have challenges with in cyber-security that you're trying to defend against rights.

Are you intending only as you intend which is sort of absolutely One of the things when it comes to defending against actual bad, you need to worry about vulnerability now of vulnerability in what your system is supposed to be so I'll give you a physical security window that's locked broken.

vulnerability is a window that has it blocked broken the vulnerabilities that broken off a shoe to get by your security and somebody could come through the window, right so vulnerable is that possibility is that possibility that it's somebody taking advantage of that ability is the possibility of you being attacked or they're being Exploits would be somebody coming along and maybe sliding something at Fannin 30 under that window to pop it up so that they can get in so that X and popping in under the window to pop in and the cybersecurity world of possibility for a something wrong like to tighten breach in your system.

And what is the likelihood that some sort of malicious actor is going to use it on your vulnerability. So if you are have a broken window on the 20th floor and there are no doubt. There's a very low level of threat here because even though you know, there's a known as Have the threat is relatively low because there's no swass of spider people coming up on the first floor has a completely different threat.

So there's a different threat now in the context of risk. So risk is looking at all of this stuff together as well as a consequence of high-risk in the cyber security security world is threat X vulnerability X consequence. I really hate that because that's what it what it is is it's actually looking at the likelihood of all these things happening together.

So if we're taking our window analogy and we're looking at The window was broken. We haven't known exploit somebody can use that to a strong like a thin spatula to pop it out and we have a pretty strong threat because there's a 250 people walking by the window every day for somebody on the first floor to the 24 now cause physical harm they could steal our stuff is so much lower.

The buildings is no balconies. Remember as much lower the risk is looking at all of these things together all types of security threats consequences. These all rolled up into hope that makes sense. This is the second piece in our cyber security Basics videos for our Target and turn so nice getting to do one for each of the terms and then one overall and I'll be pushing that out.

I'm on at the Trend Micro handle. I'm just to help eye that wider audience as well. Let me know online Market on. Me at Mark M. CA via email always looking forward to having a conversation. I really would like to hear from you folks about that. What kind of a 6-1 had terms you need to find out if you know what I mean by let me know.

This is very much driven show of your setup for a fantastic day. I will talk to you online and see you on the show again tomorrow. Morning, everybody. How you doing today? Obviously little off today at based on the time through here in a super super glamorous business Hotel again last night coming at you this morning.

If you're coming by West Coast time. I'm an hour and 13 minutes early, which is a bonus for me today to talk about a few things in a few key terms and people mess up all the time. So I will talk to you about ability fretzin risk. Super exciting but this is the core of how we figure out whether something's worth taking action on and what I mean by taking action on is it worth doing something about number of things that you have challenges with in cyber-security that you're trying to defend against rights.

Are you intending only as you intend which is sort of absolutely One of the things when it comes to defending against actual bad, you need to worry about vulnerability now of vulnerability in what your system is supposed to be so I'll give you a physical security window that's locked broken.

vulnerability is a window that has it blocked broken the vulnerabilities that broken off a shoe to get by your security and somebody could come through the window, right so vulnerable is that possibility is that possibility that it's somebody taking advantage of that ability is the possibility of you being attacked or they're being Exploits would be somebody coming along and maybe sliding something at Fannin 30 under that window to pop it up so that they can get in so that X and popping in under the window to pop in and the cybersecurity world of possibility for a something wrong like to tighten breach in your system.

And what is the likelihood that some sort of malicious actor is going to use it on your vulnerability. So if you are have a broken window on the 20th floor and there are no doubt. There's a very low level of threat here because even though you know, there's a known as Have the threat is relatively low because there's no swass of spider people coming up on the first floor has a completely different threat.

So there's a different threat now in the context of risk. So risk is looking at all of this stuff together as well as a consequence of high-risk in the cyber security security world is threat X vulnerability X consequence. I really hate that because that's what it what it is is it's actually looking at the likelihood of all these things happening together.

So if we're taking our window analogy and we're looking at The window was broken. We haven't known exploit somebody can use that to a strong like a thin spatula to pop it out and we have a pretty strong threat because there's a 250 people walking by the window every day for somebody on the first floor to the 24 now cause physical harm they could steal our stuff is so much lower.

The buildings is no balconies. Remember as much lower the risk is looking at all of these things together all types of security threats consequences. These all rolled up into hope that makes sense. This is the second piece in our cyber security Basics videos for our Target and turn so nice getting to do one for each of the terms and then one overall and I'll be pushing that out.

I'm on at the Trend Micro handle. I'm just to help eye that wider audience as well. Let me know online Market on. Me at Mark M. CA via email always looking forward to having a conversation. I really would like to hear from you folks about that. What kind of a 6-1 had terms you need to find out if you know what I mean by let me know.

This is very much driven show of your setup for a fantastic day. I will talk to you online and see you on the show again tomorrow.