Human Threats

• Misuse of assets or information
• Mistakes by employees
• Espionage (= spying)
• Employee Social Engineering
• Employees' lack of knowledge
• Weak password breaking
• Theft
• Unfollowed policies / rules

Human Threats – Con't

• Fraud due to role abuse
• Malware from infected devices
• Disallowed software downloads

Internal Application Threats

• Invalidated inputs
• Misconfigured apps
• Wrong error handling in apps

Internal Application Threats – Con't

• Variable manipulation & abuse
• Unauthorized access

Other Threats

• Data theft from USB disks
• System corruption: power surge
• Hardware failure due to errors
• Infrastructure failure: bad maintenance