Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
In my experience, the level of understanding of an adversaries perspective has been severely lacking. In special operations we couldn’t simply assume an adversary was ‘crazy’ to want to fight or even become a suicide bomber. All of the truly good threat analysts had to know or at least consider and seek to understand their motivations in order to conceptualize scenarios that may be faced. In the cyber domain this is even more critical since much is designed into a complex architecture that is fixed, while threats can probe endlessly and evolve constantly. Has anyone seen an effective use of design basis threats in system/network design?
You must be logged in to reply to this topic.