In recent years, cyber threats have been increasing and affecting most sectors of the economy. News of cyberattacks is published daily. These threats include, among other things, more sophisticated attacks, high levels of potential damage from attacks, difficulty in identifying them, and improving attackers' capabilities. Cyber risk is a risk that is realized through an attack on computer systems or on systems and infrastructures that integrate computing and digitization systems. The intrusions into systems can be through the Internet, through components, machines, external devices, cell phones, and even printers and facsimiles. This is a broad definition that requires dealing with a large spectrum of risks, as most of the operations, we perform incorporate systems and technologies.
As a result of cyberattacks, various types of economic damage can occur, ranging from damages to the corporation's good name, business disruption, expenses under regulatory requirements to legal claims filed by third parties, and more. In order to reduce the risk of being harmed by a cyber-attack, a corporation must have an effective risk management system that will assess cyber-risk from a holistic perspective that will examine how a cyber attack can be realized, the IT defenses or controls and the business & operations preparedness. The risk assessment should emerge from the perspective of the potential attacker, with an understanding of the assets held in the corporation, the assessment of defenses and controls in business operations and computing systems, continualy challenging them.