Project MARC aimed to develop a mechanism to assess the risk of theft of consumer electronic products, and their corresponding security; and to devise an operational scheme for the European Union (EU) to influence manufacturers to make their products less criminogenic. The project encountered serious difficulties in the assessment process due, among other things, to limitations of concepts and terminology. This paper describes and analyses those limitations; discusses an approach to redesigning language that draws on biological and risk management concepts; proposes a basic grammar of risk and security covering their dual dimensions of probability and harm; focuses on sources of risk centered on the product, based on crime scripts and criminal motivation; and explores wider ecological and evolutionary issues. It makes suggestions for improving any assessment scheme and raises wider issues on how crime science should tighten its terminology and bring together approaches to crime prevention and risk management. Table, appendix, and references