〈   Governance and cyber risks

Chapter 1.1

Definitions and types

A risk is the probability that an undesirable event will occur, leading to negative consequences for a person, a company or an organisation, such as the failure to achieve an objective, a reduction in performance or the loss of an opportunity.

Cyber-risks thus refer to potential threats to computer systems and networks, including the data stored on these systems. These threats can take the following forms:

  • Data breach: A data breach or leak involves the extraction of data from a computer system, thereby infringing the confidentiality of the system and the data it contains. This includes the voluntary or involuntary disclosure of data.
  • Violation of data integrity: The correctness and consistency of the data are compromised.
  • Unauthorised access: Data or a system is accessed by an unauthorised party.
  • Remote access: A network or IT resource (such as data, an application or a system) is accessed remotely.
  • Malware infection: Malware (short for “malicious software”) is an IT program designed to compromise the availability, integrity or confidentiality of an IT system
  • Social engineering: This is an activity that involves persuading a legitimate user, by exploiting their naivety or ignorance of the risks, to perform a step which compromises their system.
  • Interruptions: The provision of a service or the production of goods is interrupted.
  • Reputational damage: This is damage to the brand image or reputation of an organisation.

2023 © Trust Valley. All rights reserved.