Vulnerability (V) – A characteristic that exposes something to a weakness without a countermeasure to mitigate potential losses.

A warehouse may have a vulnerability to fire, a data center may have a vulnerability to a physical threat like an earthquake or network may have a vulnerability around access because it lacks a firewall (or perhaps a well-managed and patched firewall).

APT – Advanced, Persistent Threat

Given enough adoption of secure policies and frameworks and a threat agent with adequate resources, access and motivation any control/countermeasure/safeguard can be overcome.

This means that a sufficiently motivated and backed threat agent (nee “hacker”) can defeat any one (and in multiple cases, any) security controls put in place.