Basically, the existing information security risk assessments use mathematics, statistics and computer science to analyze the information assets. Current academic risk assessment methodologies do not completely solve the risk from invisible cyber threats. More research and efforts are needed to fully complement the current risk assessment methodology. The most important things to be supplemented is to review the level of cyber threat blockade and level of appropriate security equipment. Unfortunately, existing methodologies are not concerned with the blockade of cyber threats and the operation of appropriate security equipment. In this paper, the new intrinsic risk assessment method by performing risk assessment is proposed in two directions. First, the risk level of the cyber threats’ influx path is evaluated. Second, the level of defense systems required to treat or quarantine cyber threats that have entered inside is evaluated.

现有的信息安全风险评估基本上使用数学、统计学和计算机科学来分析信息资产。当前的学术风险评估方法并不能完全解决无形网络威胁带来的风险。需要更多的研究和努力来全面补充当前的风险评估方法。需要补充的最重要的事情是审查网络威胁封锁的水平和适当的安全设备的水平。不幸的是，现有的方法并不关心网络威胁的封锁和适当的安全设备的运行。本文从两个方向提出了通过进行风险评估的新的内在风险评估方法。首先，评估网络威胁流入路径的风险级别。第二，