LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the five main categories of threats to information security?

The five threat categories are: deliberate manipulation, human misbehavior, organizational weaknesses, technical failures, and force majeure.

Radial hub with five threat categories.

* The five threat categories — deliberate manipulation, human misbehavior, organizational weaknesses, technical failures, force majeure. *

Category Nature Examples
Deliberate manipulation Intentional attacks Hacking, DDoS, malware, eavesdropping
Human misbehavior Unintentional human errors Negligence, ignorance, gullibility
Organizational weaknesses Process/management gaps Missing policies, unclear responsibilities
Technical failures System/component failures Misconfigurations, unpatched software, broken monitoring
Force majeure Uncontrollable external events Natural disasters, fire, war

Key insight: Security programs must address ALL five categories. Many organizations focus only on deliberate attacks (technical controls) while neglecting human factors, organizational processes, and disaster preparedness.

How controls map:

  • Deliberate manipulation → Technical & detective controls
  • Human misbehavior → Awareness training & process controls
  • Organizational weaknesses → Governance & management controls
  • Technical failures → Maintenance & configuration management
  • Force majeure → Business continuity & disaster recovery

Go deeper:

From Quiz: ISM / ISM Intro & Repetition | Updated: Jul 14, 2026