Th cybersecurity landscape is constantly evolving and threats are getting more sophisticated. Our governing principle to cybersecurity relies on a risk-based approach. Risk identification process includes understanding threats and related vulnerabilities. Analysis of risks relates to determining the likelihood of occurrence. Evaluating the risk will require understanding the consequences of a materialized threat and its impact on confidentiality, availability and integrity of information assets.