Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability.
Source(s):
FIPS 200 under THREAT from CNSSI 4009 - Adapted
NIST SP 1800-15B under Threat from FIPS 200

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-128 under Threat from CNSSI 4009
NIST SP 800-137 under Threat from CNSSI 4009 - Adapted
NIST SP 800-39 under Threat from CNSSI 4009
NISTIR 7621 Rev. 1 under Threat from NIST SP 800-53 Rev. 4
NISTIR 7622 under Threat from CNSSI 4009, NIST SP 800-27, NIST SP 800-37, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-60
NISTIR 8170 under Threat from CNSSI 4009
CNSSI 4009-2015 [Superseded] from NIST SP 800-30 Rev. 1
NIST SP 800-161 [Superseded] under Threat from NIST SP 800-53 Rev. 4, CNSSI 4009
NIST SP 800-37 Rev. 1 [Superseded] under Threat from CNSSI 4009 - Adapted
NIST SP 800-53 Rev. 4 [Superseded] under Threat from CNSSI 4009 - Adapted
NIST SP 800-53A Rev. 4 [Superseded] under Threat from CNSSI 4009

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Source(s):
NIST SP 1800-21B under Threat from NIST SP 800-30 Rev. 1
NIST SP 800-150 under Threat from NIST SP 800-30 Rev. 1
NIST SP 800-30 Rev. 1 under Threat from CNSSI 4009

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-12 Rev. 1 under Threat from NIST SP 800-30

  Any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-128 from NIST SP 800-30
NIST SP 800-161r1 from NIST SP 800-53 Rev. 5
NIST SP 800-172 from NIST SP 800-30 Rev. 1
NIST SP 800-172A from NIST SP 800-30 Rev. 1
NIST SP 800-37 Rev. 2
NIST SP 800-53 Rev. 5 from NIST SP 800-30 Rev. 1
NIST SP 800-53A Rev. 5 from NIST SP 800-30 Rev. 1
NIST SP 800-171 Rev. 2 from NIST SP 800-30
NIST SP 800-171 Rev. 1 [Superseded] from CNSSI 4009 - Adapted

  Any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-18 Rev. 1 under Threat from CNSSI 4009 - Adapted
NIST SP 800-82 Rev. 2 under Threat from NIST SP 800-53

  See threat.
Source(s):
NIST SP 800-150 under Cyber Threat

  an activity, deliberate or unintentional, with the potential for causing harm to anautomated information system or activity.
Source(s):
NIST SP 800-16 under Threat

  An event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss. Note: The specific causes of asset loss, and for which the consequences of asset loss are assessed, can arise from a variety of conditions and events related to adversity, typically referred to as disruptions, hazards, or threats. Regardless of the specific term used, the basis of asset loss constitutes all forms of intentional, unintentional, accidental, incidental, misuse, abuse, error, weakness, defect, fault, and/or failure events and associated conditions.
Source(s):
NIST SP 800-160 Vol. 1

  A possible danger to a computer system, which may result in the interception, alteration, obstruction, or destruction of computational resources, or other disruption to the system.
Source(s):
NIST SP 800-28 Version 2 under Threat

  The potential source of an adverse event.
Source(s):
NIST SP 800-61 Rev. 2 under Threat

  Any circumstance or event with the potential to adversely impact operations (including mission function, image, or reputation), agency assets or individuals through an information system via unauthorized access, destruction, disclosure, modification of data, and/or denial of service.
Source(s):
NIST SP 800-57 Part 2 Rev.1 under Threat

  An event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss.
Source(s):
NIST SP 1800-17b under Threat

  Any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Source(s):
NIST SP 800-60 Vol. 1 Rev. 1 under Threat from CNSSI 4009 - Adapted
NIST SP 800-60 Vol. 2 Rev. 1 under Threat from CNSSI 4009 - Adapted

  An event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss. Note: The specific causes of asset loss, and for which the consequences of asset loss are assessed, can arise from a variety of conditions and events related to adversity, typically referred to as disruptions, hazards, or threats. Regardless of the specific term used, the basis of asset loss constitutes all forms of intentional, unintentional, accidental, incidental, misuse, abuse, error, weakness, defect, fault, and/or failure events and associated conditions.
Source(s):
NIST SP 800-160 Vol. 1

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat source to successfully exploit a particular information system vulnerability.
Source(s):
NIST SP 1800-15C under Threat from FIPS 200

  Any circumstance or event with the potential to adversely impact organizational operations and assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Source(s):
NIST SP 1800-30B from NIST SP 800-30 Rev. 1 - adapted

  potential cause of an unwanted incident, which may result in harm to a system or organization
Source(s):
NISTIR 8053 from ISO/IEC 27000:2014

  Any circumstance or event with the potential to cause the security of the system to be compromised.
Source(s):
NISTIR 4734 under Threat

  the likelihood or frequency of a harmful event occurring
Source(s):
NISTIR 7435 under Threat

  Any circumstance or event with the potential to adversely impact organizational operations (a negative risk).
Source(s):
NISTIR 8286 under Threat

  Any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, or denial of service.
Source(s):
NISTIR 8323 under Threat from NIST SP 800-53 Rev. 5

  Any circumstance or event with the potential to cause harm to an information system in the form of destruction, disclosure, adverse modification of data, and/or denial of service.
Source(s):
NIST SP 800-32 [Withdrawn] under Threat from NSTISSI 4009

  Any circumstance or event with the potential to harm an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service. Threats arise from human actions and natural events.
Source(s):
NIST SP 800-27 Rev. A [Withdrawn]

  The potential for a “threat source” (defined below) to exploit (intentional) or trigger (accidental) a specific vulnerability.
Source(s):
NIST SP 800-33 [Withdrawn]

  The potential for a threat-source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability.
Source(s):
NIST SP 800-47 [Superseded] under Threat

  Any circumstance or event with the potential to adversely impact agency operations (including mission function, image, or reputation), agency assets or individuals through an information system via unauthorized access, destruction, disclosure, modification of data, and/or denial of service.
Source(s):
NIST SP 800-57 Part 2 [Superseded] under Threat