Discussion should include
- how vulnerabilities exist regardless of the state (e.g., data at rest, data in transit, data being processed) of the data
- methods by which data could be compromised (e.g., corruption, loss, SQL-injection attacks, ransomware, sabotage).