diff --git a/docs/field-values.asciidoc b/docs/field-values.asciidoc
index f861bd5b6a..59cb2552dc 100644
--- a/docs/field-values.asciidoc
+++ b/docs/field-values.asciidoc
@@ -330,7 +330,7 @@ start, end, info
 [[ecs-event-category-threat]]
 ==== threat
 
-Relating to cybersecurity threats. Use this category to visualize and analyze events describing threat actors' targets, motives, or behaviors.
+Use this category to visualize and analyze events describing threat actors' targets, motives, or behaviors.
 
 
 *Expected event types for category threat:*
@@ -561,4 +561,4 @@ Indicates that this event describes only an attempt for which the result is unkn
 
 
 
-include::field-values-usage.asciidoc[]
\ No newline at end of file
+include::field-values-usage.asciidoc[]
diff --git a/schemas/event.yml b/schemas/event.yml
index 81ab80f39a..d64e355269 100644
--- a/schemas/event.yml
+++ b/schemas/event.yml
@@ -307,8 +307,7 @@
             - info
         - name: threat
           description: >
-            Relating to cybersecurity threats. Use this category to visualize and analyze events
-            describing threat actors' targets, motives, or behaviors.
+            Use this category to visualize and analyze events describing threat actors' targets, motives, or behaviors.
           expected_event_types:
             - indicator
         - name: web