Difference between revisions of "Physical Action"

From Open Risk Manual
Revision as of 16:45, 5 March 2020

Definition

Physical Actions is the sub-category of Cyber Risk that encompasses deliberate threats to digital assets that involve proximity, possession, or force.

It includes theft, tampering, snooping, sabotage, local device access, assault, etc.

VERIS classification note: Natural hazards and power failures are often classified under physical threats. We include such events in the Environmental Hazards category and restrict the Physical category to intentional actions perpetrated by a human actor. This is done for several reasons, including the assessment of threat frequency and the alignment of controls.