The terms cyber attack
, cyber threat
, and cyber risk
are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.
For example, a Distributed Denial of Service (DDoS) cyber attack
by a botnet is a cyber threat
for many enterprises with online retail websites, where the associated cyber risk
is a function of lost revenues due to website downtime and the probability that a DDoS cyber attack will occur.