User Manual
Cyber Security Basics
Siemens
Application Note
Smart Infrastructure
2.2 Threat and Risk Terminology
Please find below a brief glossary of common terminology used in Cyber Security.
An asset is a tangible or intangible entity that must be protected. It is important to
list the relevant assets and understand their value (both to the business and to a
potential attacker) in order to define the correct level of protection.
A vulnerability is a weakness or a lack of protection in a system that can be
exploited. Examples are hardcoded passwords, network services that do not
properly validate their inputs, home-grown cryptographic algorithms, etc.
The exposure describes how easily an attacker can reach the system in order to
perform malicious actions. Typically, the exposure is high if the system is
connected to the internet and can thus be reached remotely.
A threat is any potential action or event by which a threat agent exploits a
vulnerability and causes damage; for example, a hacker can spot a hardcoded
password and use it to gain access to a system.
The impact is the amount of damage suffered by the assets in case of a Cyber
Security incident. In some cases, it is possible to estimate the extent of the
damage, even in monetary terms, e.g. the cost of replacing devices. More often,
however, the damage involves a loss of reputation and other intangible assets
that are difficult to quantify.
A risk is the likelihood that a threat agent finds and exploits the vulnerability,
weighted by the resulting impact on the business. For example, a hacker can find
the default admin password in publicly available documentation: if the password
was not changed during the engineering phase, the system is at high risk, because
the hacker can use it to install malicious software with administrator privileges.
A control or countermeasure is put in place to mitigate the risk and can consist of
HW or SW measures as well as procedures. For example, a system that still has
default passwords can be isolated from the rest of the network to reduce the
likelihood of its being accessed by an attacker.
Figure 1: Threat and risk terminology
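To show how the terms above combine, the following small worked example is added to this section; it is not part of the Siemens application note. It scores the default-password scenario from the risk and control paragraphs with an assumed 1 to 5 scale for exposure, ease of exploitation and impact, takes the likelihood as the rounded-up average of exposure and ease, and rates risk = likelihood x impact on the bands of a common 5x5 risk matrix. The scale, the bands and the effect attributed to each control (isolation lowers exposure, changing the password lowers ease of exploitation) are illustrative assumptions, not values taken from the document.

```python
"""Toy risk scoring with the glossary terms: asset, vulnerability, threat,
exposure, impact, risk and control.

Added example, not from the Siemens application note.  Assumptions:
  - exposure, ease of exploitation and impact are scored 1..5
  - likelihood = ceil((exposure + ease) / 2), also 1..5
  - risk score  = likelihood * impact, rated on 5x5-matrix bands
  - each control lowers one or more factors by a fixed number of steps
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Scenario:
    asset: str          # what must be protected
    vulnerability: str  # the weakness a threat agent could exploit
    threat: str         # how the weakness could be turned into damage
    exposure: int       # 1 = isolated network .. 5 = reachable from the internet
    ease: int           # 1 = custom exploit needed .. 5 = documented default password
    impact: int         # 1 = negligible .. 5 = severe


@dataclass(frozen=True)
class Control:
    """A countermeasure; each field is the number of steps it lowers that factor."""
    name: str
    exposure: int = 0
    ease: int = 0
    impact: int = 0


def clamp(value: int) -> int:
    """Keep a factor inside the assumed 1..5 scale."""
    return max(1, min(5, value))


def likelihood(s: Scenario) -> int:
    """Rounded-up average of how reachable the system is and how easy the
    vulnerability is to exploit (assumed model)."""
    return -(-(s.exposure + s.ease) // 2)


def risk_score(s: Scenario) -> int:
    """Risk = likelihood weighted by impact, 1..25."""
    return likelihood(s) * s.impact


def rating(score: int) -> str:
    """Bands of a common 5x5 risk matrix (assumed thresholds)."""
    if score <= 4:
        return "low"
    if score <= 9:
        return "medium"
    if score <= 14:
        return "high"
    return "critical"


def apply(s: Scenario, *controls: Control) -> Scenario:
    """Return the scenario with the controls' reductions applied."""
    for c in controls:
        s = replace(
            s,
            exposure=clamp(s.exposure - c.exposure),
            ease=clamp(s.ease - c.ease),
            impact=clamp(s.impact - c.impact),
        )
    return s


def assess(s: Scenario, *controls: Control) -> tuple:
    """(score before, rating before, score after, rating after)."""
    before = risk_score(s)
    after = risk_score(apply(s, *controls))
    return before, rating(before), after, rating(after)


# Constructed scenario mirroring the document's example: a default admin
# password that is printed in the product documentation.
DEFAULT_PASSWORD = Scenario(
    asset="building automation controller",
    vulnerability="default admin password printed in the documentation",
    threat="attacker logs in as admin and installs malicious software",
    exposure=5,  # reachable from the internet
    ease=5,      # credential is public, no exploit needed
    impact=4,    # loss of control over the building, recovery costs
)

# Two controls from the text, with assumed effects.
ISOLATE = Control("isolate the controller from the rest of the network", exposure=4)
CHANGE_PASSWORD = Control("replace the default password during engineering", ease=3)


if __name__ == "__main__":
    for name, ctrls in [("no control", ()), ("isolation", (ISOLATE,)),
                        ("password change", (CHANGE_PASSWORD,)),
                        ("both", (ISOLATE, CHANGE_PASSWORD))]:
        print(f"{name:16s} -> before {assess(DEFAULT_PASSWORD, *ctrls)[:2]}, "
              f"after {assess(DEFAULT_PASSWORD, *ctrls)[2:]}")
```

Running the script shows the point the glossary makes in prose: with the default password still in place and the controller internet-exposed the risk is critical, isolating it alone brings the risk down to high, changing the password alone still leaves an internet-exposed device at critical under this model, and only the combination of both controls reaches medium.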