Risk assessment

Came across an aspect I didn’t think about before.

Consider a computer system which gives users control over an action. Action could be:

  1. trivial changing background color of a webpage (low-risk action)
  2. dropping databases or VMs (high-risk action).

The point of view I have been aware of until now is: password breach to a low-risk system isn’t particularly dangerous. But it’s not dangerous for the application. There is another POV to consider — that of the user himself.

Say we’re storing order history of the logged in user (a low risk data), which might contain his address (a medium risk data). What if the person who got this information was the abusive ex? It becomes a targeted attack for the user, which makes low or medium risk application impact a high risk breach for the user.

So consider the impact of an access breach from both perspectives — the application and the user when making such categorizations.