| SP-TE-01: Disaster or major events in the environment |
|
| SP-TE-02: Unfavourable climatic conditions |
|
| SP-TE-03: Fraud |
|
| SP-TE-04: Sabotage |
|
| SP-TE-05: Physical theft |
|
| SP-TE-06: Unauthorized physical access or entry to premises |
|
| SP-TE-07: Coercion, extortion or blackmail |
|
| SP-TE-08: Warfare or terrorists attack |
|
| SP-TE-09: Accidental leaks or sharing of information due to human error or mishandling |
|
| SP-TE-10: Leaks of information or data through applications flaws, misconfigured services or system errors. |
|
| SP-TE-11: Disruption to information systems due to misconfiguration or maintenance errors |
|
| SP-TE-12: Unintentional change of data within information system |
|
| SP-TE-13: Inadequate design and planning leading to improper deployment |
|
| SP-TE-14: Inadequate workflows or processes leading to flaws in deployment |
|
| SP-TE-15: Unintentional damages through security testing |
|
| SP-TE-16: Unintentional destruction of records through mismanaged data repositories or storage |
|
| SP-TE-17: System failure or corruption of information systems, devices or media |
|
| SP-TE-18: Failure or disruption of network infrastructure, connectivity or communication links |
|
| SP-TE-19: Failure within information systems due to disruption or unavailability of dependant external supply chains |
|
| SP-TE-20: Interception of information due to publicly accessible insecure or rouge remote access points |
|
| SP-TE-21: Network reconnaissance and information gathering |
|
| SP-TE-22: Session hijacking |
|
| SP-TE-23: Adversary in the middle attack or network traffic modification |
|
| SP-TE-24: Identity theft |
|
| SP-TE-25: Generation of false identities |
|
| SP-TE-26: Abuse of resources through misconfiguration |
|
| SP-TE-27: Exploit hardware or platform vulnerabilities |
|
| SP-TE-28: Infection from malware, worms or trojans |
|
| SP-TE-29: Web application attacks or code injection attack |
|
| SP-TE-30: Rogue software masquerading as trusted application |
|
| SP-TE-31: Unauthorized changes or manipulation of application functionality or code |
|
| SP-TE-32: Social engineering or phishing attacks |
|
| SP-TE-33: Receive of unsolicited e-mail |
|
| SP-TE-34: Violate isolation in multi-tenant environment |
|
| SP-TE-35: Lack of security insights, monitoring or manipulation of audit log integrity |
|
| SP-TE-36: Unauthorized changes or manipulation of information data records |
|
| SP-TE-37: Compromise of confidential information or data breach |
|
| SP-TE-38: Destruction of records through malicious user or malware infection |
|
| SP-TE-39: Distributed Denial of service (DDoS) across network layers |
|
| SP-TE-40: Distributed Denial of service (DDoS) across application services |
|
| SP-TE-41: Brute force attempts on user or system accounts |
|
| SP-TE-42: Denial of service on hosting platform or system services |
|
