Breach

A project to identify the threats that exist over key information and information technology. The threat analysis usually also defines the level of the threat and likelihood of that threat to materialize. Examination of information to identify the elements comprising a threat.
[view]

Error of commission, omission, or oversight in an information system that may allow protection mechanisms to be bypassed.
[view]

(IS) Assessed occurrence having actual or potentially adverse effects on an information system. (COMSEC) Occurrence that potentially jeopardizes the security of COMSEC material or the secure electrical transmission of national security information. An unusual occurrence or breach in the security of a computer system. An event that has actual or potentially adverse effects on an information system. A computer security incident can result from a computer virus, other malicious code, intruder, terrorist, unauthorized insider act, malfunction, etc. The occurrence of a system intrusion.
[view]

Possibility that a particular threat will adversely impact an information system by exploiting a particular vulnerability. The likelihood that any specific threat will exploit a specific vulnerability to cause harm to an asset. Risk is an assessment of probability, possibility, or chance. Risk = threat - vulnerability. The probability that a particular security threat will exploit a particular vulnerability.
[view]

Formal description and evaluation of threat to an information system. Process of formally evaluating the degree of threat to an information system and describing the nature of the threat.
[view]