Information Security Threat Catalog

1. Volcanoe

2. Electro-magnetic or radiation phenomenon

3. Equipment loss

4. Accident such as car or plane crash involving key personnel, facilities, equipment or media

5. Single Source

6. Meteorological phenomenon

6.1. Hurricane

6.2. Tornado

6.3. Rain

6.4. Sleet

6.5. Flood

7. Water Spout

8. Epidemic/Pandemic

9. Malicious Activity

10. Environmental

10.1. Fire

10.2. Water-related phenomenon such as plumbing leak or flood

10.3. Extreme temperature and/or humidity

10.3.1. Environmental contamination such as dust, pollution or corrosives

10.4. Extreme wind

10.5. Volcanic phenomenon

11. Software malfunction or failure

12. Social Engineering

13. Process malfunction such as documentation is not available to those who need it

14. Eavesdropping

15. Physical

15.1. Eavesdropping

15.2. Abuse of privilege

15.3. Lightning

15.3.1. Earthquake

15.3.1.1. Tsunami

15.4. Logical

15.4.1. Social Engineering

15.4.2. Malicious Unauthorized Logical Access

15.4.2.1. Violation such as sharing account and password or bypassing procedures

15.4.3. Malware such as virus, worm or trojan

15.4.4. Abuse of privilege

15.5. Fraud or Forgery

16. Hardware malfunction or failure such as telecom equipment or utilities

17. Vandalism of equipment or media

17.1. Vandalism of equipment or media

18. Malfunction

19. Human Error

19.1. Power Outage

19.2. Fraud or Forgery

19.2.1. Miscommunication such as lack of documentation or documentation error

20. Theft of equipment or media, even from trash