A threat is a potential source of harm that could exploit weaknesses or otherwise affect a system, user, or organization.
A threat is anything that could cause harm to a system, organization, or set of data. In plain language, it is the possibility that a person, event, process failure, or technical condition could lead to a security problem.
Threats matter because cybersecurity is not only about fixing defects. Teams also need to understand what kinds of events or actors could use those weaknesses, what business processes could be disrupted, and what assets are attractive enough to target. Without a threat view, security work can become a checklist disconnected from real exposure.
Threat language also helps teams prioritize. The fact that a weakness exists does not automatically explain why it matters now. A credible threat, such as active ransomware activity against a public service or repeated abuse of exposed credentials, adds urgency and context.
The term appears in threat modeling, security architecture reviews, risk assessments, SOC monitoring, and incident response. Security teams ask what threats are relevant to a new web application, which threats matter most to a privileged admin environment, and whether a new control meaningfully reduces those threats.
Threats can be human, technical, or environmental. A malicious actor is one type of threat, but so are outages, insider misuse, or a critical dependency failure that affects the availability of an essential service.
A company runs a public customer portal that stores personal information. Relevant threats may include credential stuffing against user accounts, phishing against support staff, ransomware against connected systems, and outages that prevent customers from accessing the service. Each threat points the team toward different controls and response planning.
A threat is not the same as a Vulnerability. A vulnerability is a weakness. A threat is the source of possible harm or the event that could make that weakness matter. The two concepts are related, but they are not interchangeable.
It is also different from an Exploit. An exploit is a method or piece of code that takes advantage of a vulnerability. A threat is broader and may exist even before a specific exploit is publicly known.