
3

Threats

This chapter provides a comprehensive overview of the Threats specific to GenAI Security. As a starting point for understanding how a Threat differs from a Risk or a Vulnerability, please refer to the SCF C|P-RMM section within the Threat and Vulnerability Frameworks chapter.

The SCF C|P-RMM [1] [2] Threat Catalogue presents two independent entries that fit GenAI Security: MT-2 and MT-13, as seen in Figure 2.

MT-2 MT-13
Figure 2: GenAI Security-related risks found in SCF C|P-RMM.

These two entries cover the full breadth of GenAI Security Threats, but they do not provide the depth needed to discuss the specifics of this domain. Gurple extends the SCF C|P-RMM Threat Catalogue with more granular entries for GenAI Security, as seen in Figure 3.

---
config:
  theme: 'forest'
---
mindmap
  root((SCF C|P-RMM))
    ((MT-2 + MT-13))
      Prompt Injection
      Model Tampering
      Workflow Injection
      ...

Figure 3: Extension of the SCF C|P-RMM Threat Catalogue to detail specific GenAI Security Threats.

For more information on the various ways these Threats can be delivered as attacks against GenAI systems, please refer to the Attack Entry Points chapter.



References

[1] “Cybersecurity & Data Privacy Risk Management Model (C|P-RMM).” https://securecontrolsframework.com/free/risk-management-model/.

[2] “Cybersecurity & Data Privacy Risk Management Model (CP-RMM) Overview.” https://securecontrolsframework.com/content/SCF-Risk-Management-Model.pdf, 2025.