Risk assessments, vulnerability management, and penetration tests are often seen by my students as focused on a server or a set of hardware and software in isolation. While this might occur in a ...