This article proposes a classification of attributes of cybersecurity threats. A statistical study of the descriptive power of an open and closed threat dataset is presented. An expert study of an advanced persistent threat was also conducted using open reports as an example. The completeness of the threat description, as well as the ability of modern tools and protocols to describe such a threat, are assessed. The main conclusion is that current approaches to describing cybersecurity threats have shortcomings that prevent the most effective use of such information in operational activities