You are here

Categorizing Threat Building and Using a Generic Threat Matrix

The key piece of knowledge necessary for building defenses capable of withstanding or
surviving cyber and kinetic attacks is an understanding of the capabilities posed by threats to
a government, function, or system. With the number of threats continuing to increase, it is no
longer feasible to enumerate the capabilities of all known threats and then build defenses
based on those threats that are considered, at the time, to be the most relevant. Exacerbating
the problem for critical infrastructure entities is the fact that the majority of detailed threat
information for higher-level threats is held in classified status and is not available for general
use, such as the design of defenses and the development of mitigation strategies. To reduce
the complexity of analyzing threat, the threat space must first be reduced. This is achieved by
taking the continuous nature of the threat space and creating an abstraction that allows the
entire space to be grouped, based on measurable attributes, into a small number of distinctly
different levels. The work documented in this report is an effort to create such an abstraction.