A person, a group of people, or even some phenomena unrelated to human activity
can serve as an information security threat. Following from this, all threat sources
break down into three groups:
The human factor. This group of threats concerns the actions of people with
authorized or unauthorized access to information. Threats in this group can be
+ External, including cyber criminals, hackers, internet scams, unprincipled partners, and criminal structures.
+ Internal, including actions of company staff and users of home PCs. Actions taken by this group could be deliberate or accidental.
The technological factor. This threat group is connected with technical problems -
equipment used becoming obsolete and poor-quality software and hardware for
processing information. This all leads to equipment failure and often to data loss.
The natural-disaster factor. This threat group includes any number of events
brought on by nature and other events independent of human activity.