3 rating scale in more detail
Previous postings:
CyTRAP Labs 5-points risk barometer | ||||
low | elevated | moderately critical |
critical | severe |
1 | 2 | 3 | 4 | 5 |
CyTRAP Labs has developed a general ranking system for CASEScontact.org advisories that indicates the severity of known threats and vulnerabilities and impact business operations, home users’ and mobile workers’ systems.
_Fact sheet – ranking threat, vulnerability and impact to arrive at the overall risk assessment
Level | threat, vulnerability, & impact condition |
facts | color coding |
1 | low | Basic security posture.There is neither a specific threat being massively distributed nor a discernible network incident activity. | low |
2 | elevated | There is no direct threat to systems that have been patched.
Remain vigilant. |
elevated |
3 | moderately critical or high |
An unpatched or recently patched vulnerability can be exploited by malware or a hacker.Systems and information assets are at risk being targeted.
Virus = MyLife, Klef |
moderately critcial |
4 | critical | Organizations and home-users require immediate defensive or preventive actions.Remotely exploitable flaws that may require user interaction.
Windows, Microsoft = zero-day vulnerability – exploit code spreading & being actively exploited by hackers |
critical |
5 | severe – take cover | Severe risk of a threat attack or critical threat .Remotely exploitable flaws, which could lead to system compromise without user interaction.
Virus = Nimda, Loveletter |
severe |
Every threat and vulnerability is assessed and ranked using the above CyTRAP Labs advisory system. It allows the ranking of threats, vulnerabilities according to their level of criticality and determinining of their impact on business operations, mobile workers and home-users.
CyTRAP Labs 5-points risk barometer | ||||
low | elevated | moderately critical |
critical | severe |
1 | 2 | 3 | 4 | 5 |
Please also read:
- 1 how people assess risks
- 2 definining what is a threat, vulnerability versus an impact
- 3 rating scale in more detail
- 4 – calculating the overall score
– risk barometer – what threat, vulnerability and impact on business operations are we exposed to