Insider Threats - Gaps in security policy, business processes, operational procedures, user and administration training, etc. can increase your risks.
Design flaws in your code, tools, and scripts, etc. can increase your risks.
Outdated storage systems or lax database security can increase your risks. This includes decentralized systems within business units.
Unpatched or outdated operating systems, code, tools, and utilities within your system's operating environment. including cloud computing can increase your risks.
Insecure protocols can increase your risks.
Unsecured wires, insecure WiFi access points, and insecure servers (physical access) can increase your risks.
Design flaws within a system's chips.
Who made the chips in your system?.
What else is connected to your network and systems? What processes are depending on that other businesses have in place? What risks are you agreeing to in your contracts with suppliers and business partners (or connected customers)?
