There are many different types of computer security risks that a company or individual computer user should be aware of, though most of them can be categorized as either external or internal threats. External threats are those that come from outside of a system, such as a hacker who attacks a company that he or she has no other contact with, or the dissemination of a virus or other malware through a computer system. Internal security risks are those that come from within a company or system, such as an employee stealing information from a company or carelessness that leads to data theft.
Some of the most damaging and dangerous types of computer security risks are those that come from outside of a system. A large corporation, for example, might maintain a number of servers for data storage and hosting of company websites and other materials. Hackers from outside of that company can attack those systems through a variety of methods, typically meant to disrupt activities or obtain information. These attacks can result in a great deal of loss due to lost productivity, disruption of customer interactions, and data theft.
There are also a number of untargeted security risks that can come from external sources. While a hacker may need to target and attack a particular company or server, viruses and other malicious software can enter a system without the knowledge of company employees. These risks are ever present and should be defended against by a company or personal computer user to ensure resources are not lost or compromised for future attacks.
Internal computer security risks can be just as dangerous to a company, and may be even more difficult to locate or protect against. Disgruntled former or current employees, for example, may leak information online regarding the company's security or computer system. This can give external attackers, such as hackers, inside information to more easily penetrate a system and cause damage. Protection against this type of behavior often requires careful procedures for hiring security personnel and system updates following employee termination.
Other internal computer security risks can arise due to carelessness, which may result in severe consequences. A corporate officer, for example, might forget his or her laptop that contains private information on a public airplane upon disembarking. If someone else finds this laptop, then he or she may be able to use the information on it to steal identities or otherwise cause harm to a company or private individuals. These types of computer security risks are unpredictable and can only be avoided through the education of employees and company officers in safe computer practices.