1. External hackers attacking your systems’ availability
  2. Security defects/vulnerabilities in hardware and software
  3. External hackers attacking your corporate information
  4. Employee errors in software and computer use
  5. Employee actions that are intentionally harmful
  6. Natural disasters
  7. Theft of physical assets
  8. Unauthorized wireless network access
  9. Terrorism

(N=294 / Source: Gartner 2005)