Difference between revisions of "Physical Action"

From Open Risk Manual
 
 
Line 1: Line 1:
 
== Definition ==
 
== Definition ==
'''Physical Actions''' is the sub-category of [[Cyber Risk]] that encompasses deliberate threats to digital assets that involve proximity, possession, or force.  
+
'''Physical Action''' is the sub-category of [[Cyber Risk]] that encompasses deliberate threats to digital assets that involve proximity, possession, or force.  
  
 
It Includes theft, tampering, snooping, sabotage, local device access, assault, etc.
 
It Includes theft, tampering, snooping, sabotage, local device access, assault, etc.
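
Review bot: the unchanged context line "It Includes theft, tampering, snooping, ..." still carries a mid-sentence capital in "Includes", which this revision could lowercase while it is already correcting "Physical Actions" to "Physical Action" in the line above. The list also ends in "etc." after mixing access-type items (local device access, snooping) with force-type items (assault, sabotage); grouping them under the three criteria the definition names (proximity, possession, force) would make the scope easier to apply.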

Latest revision as of 13:37, 3 November 2021

Definition

Physical Action is the sub-category of Cyber Risk that encompasses deliberate threats to digital assets that involve proximity, possession, or force.

It includes theft, tampering, snooping, sabotage, local device access, assault, etc.

VERIS classification note: Natural hazards and power failures are often classified under physical threats. We include such events in the Environmental Hazards category and restrict the Physical category to intentional actions perpetrated by a human actor. This is done for several reasons, including the assessment of threat frequency and the alignment of controls.