Abstract
The motivation of investigation is explained by the problem of keeping organisations’ information and private ones secure. One reason for this is insufficiency of information protection systems, and another – vulnerability in such kind of systems. The article is devoted to defining and analyzing the types and sources of information security threats for an automated system. It can be useful for developing the model method, having the purpose of detecting and further preventing of hazards. The safeness of Data Leak Prevention (DLP) system itself is also under investigation. The analysis was carried out by an expert method with system analysis. A DLP system was considered, on the one hand, as a way of information protection to prevent information leakage, and on the other hand, as an object of protection which is vulnerable to threats of information security. The presented threat model includes the sources of threats, divided into three large groups: anthropogenic, technogenic and spontaneous; and types of threats: intentional and unintentional.