risk barometer

3 comments 10.963 views

Depending upon information we have, we decide if a risk requires us to take an action or maybe we prefer choosing to ignore the risk.

The that information, a decision will be made resulting in an action, such as patching the vulnerable software by downloading and installing the latest version of the software where the vulnerability has been eliminated.

Important is that each:


vulnerability, and


all influence the way we assess a risk.

We use a ranking system that looks like this:

CyTRAP Labs risk barometer for infosec
low ele-
critical severe
1 2 3 4 5
CyTRAP Labs 5-Punkte InfoSec Risiko-Barometer
niedrig vorsichtig mittel-
kritisch extrem
1 2 3 4 5

The above ranking scheme is used to assess the risk regarding a threat, vulnerability and impact.Here is additional information about the CyTRAP Labs risk barometer and how we get at the numbers we publish: