Computer systems are subject to various threats that undermine their security. These threats can come from different sources and some of them are not easily identifiable. Among the various threats we can mention the following:

• natural disasters or accidents (e.g. fires, earthquakes, etc.);
• attack by hackers, i.e. by external parties intent on compromising the security of the information system by damaging the company;
• malicious software, such as viruses or malware, capable of damaging data or computer systems, even just by deteriorating their performance;
• activities incorrect and illicit by internal personnel of the company organization, employees and collaborators of the company, sometimes carried out unknowingly

These threats are capable of causing even significant damage to the company business, through:

• the compromise of the IT systems with which the company provides services to customers;
• the leakage of confidential information, which could directly damage the company (e.g. commercial data or patents) or its customers (e.g. credit card numbers or health information);
• the modification or deletion of relevant data (e.g. moving money to bank or insurance accounts).