In communications security, see susceptibility. 2. The extent to which a system will degrade when subjected to a specified set of environmental conditions. 3. In communications interference, see susceptibility threshold. 4. In cryptology, the point of weakness within the encrypted system where threats can occur, such as equipment, facilities, hardware, software, operating systems and personnel. [After X9.49] 5. [A] weakness in an information system (IS), [in] system security procedures, [in] internal controls, or [in] implementation that could be exploited. [INFOSEC-99]