Advanced Persistent Threats

“Advanced Persistent Threats” (APT) describe the network attacks via non-authorised persons or groups with the objective of stealing data and destroying the existent data structures.

All-hazards Approach

In an all-hazards approach, all possible hazards are equaly taken into account. An example from the insurance business shows that the all-hazards approach covers all damages by storms, by water or by fire if they were not excluded upfront.

Applied Threat

An “Applied Threat” only occurs if an object has a blind spot. Via this blind spot, the threat may have a negative effect on the object. If a user loads a virus onto his computer and the computer is unable to fight it, the user is at risk. If he uses an...

Assessment of Protection Needs

The assessment fixes the protection requirements, the protection requirements of business processes, information processes and computer components. To do so, all possible damages are considered that might occur in case of an impairment of the internet security,...


Attacks describe prohibited actions and non-authorised acts which aim at destroying computing ressources, files or software. Essentially, there is a distinction between active (by distortion of the communication) and passive (by endangering the confidentiality)...

Attack Vector

The attack vector defines the way respectively the process used by hackers to gain unauthorised access to a computer or a network to install malware such as viruses or spyware.


A backdoor comprises malware that leave the door open for the unauthorised access to an IT-system. This enables an undetected intrusion into the system. The malware contains extensive access rights to cover up their tracks.

Backup Systems for Water Security

Backup systems for water security describe facilities and installations used to secure the population’s emergency provision with water.

Base Values of Information Technology

In IT-base protection, the base values of information technology are defined. The three most important values are confidentiality, availability and integrity even though the list may be enhanced for an individual case. Further terms characterising IT-security are...

Business Impact Analysis (BIA)

The Business Impact Analysis (BIA) estimates possible direct and indirect consequential damages of an emergency or a crisis for the company or institution which have been caused by the failure of business processes.