Confusion in cyber defense
In more recent history, the definition of cyber threat and any attempt to systematically or intelligently further demarcate the differences between what constitutes a cyber threat has become difficult at best. Consider the use of malware in relation to cyber security and cyber threats. While malware is certainly considered a subset of a cyber threat issue, it is not by itself an identifying term. Typically, research and academic work within the cyber field now discuss malware as a piece of the cyber problem, and any research or discussion of the malware term breaks down into an immediate classification of the malware type itself. Additionally, terms and definitions, such as social engineering and exploitation, have become a piece of the collective definition of cyber threat research.
They are not typically considered as specific corollaries to any set of cyber threat groups or certain operations. These terms and their uses, within cyber research, evolve on a nearly daily basis and have become more a study of tying specific cyber actions or operations to a group of cyber threats, instead of the collective research determining with any specificity what certain terms can be tied to which cyber threat. It is the language equivalent of trying to catch rain in one's hand; the medium simply moves too quickly and is reformed according to its own whims.