A potential occurrence that can result in an undesirable outcome.
A person or thing likely to cause damage or danger.
A threat actor is a person or entity that is responsible for an event or incident that impacts, or has the potential to impact, the safety or security of another entity.
Script Kiddies - A derogatory term for people who use hacking techniques but have limited skills. Often such attackers may rely almost entirely on automated tools they download from the Internet.
Hacktivist - A person who uses hacking techniques to accomplish some activist or political goal. Usually seeking to deface websites.
Insiders - Internal employees seeking to cause damage to their organization.
Organized Crime - Organized groups seeking to steal money, identities, or corporate secrets.
Competitors - Outside organizations seeking to commit corporate espionage for financial or market gain.
Nation States - Countries sponsoring illegal or fraudulent actions.
APT - Advanced Persistent Threat - An attack in which unauthorized persons gain access to a network using advanced exploitation techniques and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization.
Deep Web - Anything on the internet that a search engine can't find.
Dark Web - A part of the deep web internet that is only accessible by means of special software (TOR), allowing users and website operators to remain anonymous or untraceable.
Dark Web Market - A part of the Dark Web often illegally selling goods, merchandise, data/information, or services.
Open Source - Any info that is readily available to anyone, such as newspapers or news sites.
Intelligence - The collection of information of military, political, organizational, or financial value.
Level of Sophistication