Cyber Threat
cyber threat DO we need to add this into the ontoloty.
potential cause of an unwanted cybersecurity incident (3.4), which can result in harm to a system, people, society, organization, or other entities in cyberspace (3.5)
[SOURCE:ISO/IEC 27000:2018, 3.74, modified — The term “threat” has been replaced with “ cyber threat”. In the definition, “incident” has been replaced with “cybersecurity incident”, and new wording has been added after "system".]
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability. - NIST