Information Technology Reference
In-Depth Information
date and time, at least the potential for occurrence is known. Organizational
assets are in a hurricane-prone area, earthquake zone, or floodplain or they are
not. Adversaries are more difficult to predict. You may not even know your
organization has an adversary; the adversary simply appears on your literal or
virtual doorstep. You may be aware of an adversary but lack specific knowledge
of its interest in your organization. Chapter 5 introduced a threat probability
assessment (TPA). TPA evaluates adversary capability (means); tactical prefer-
ences (method); leadership, individual psychology, group and social dynamics,
and political psychology (motivation, operations and interests); and potential
adversarial objectives (mission).
If an adversary is well known to hate your organization or what it stands for
(motivation), but has limited or no knowledge of how to execute a cyber-attack
(low/no method), this gives you a clue how to characterize the risk. If an adversary
is highly motivated and highly knowledgeable but lacks the funding to purchase
the appropriate equipment or effectively use that equipment (no means), this gives
you a clue how to characterize the risk.
If your assessment of the threat space finds a state-sponsored adversary with
interest in your organization, a nation-state may easily have the means, method,
and motivation to act. For example, consider a developing country with little
indigenous technology to create an effective infrastructure (energy, roads, hous-
ing, water, etc.). If that country were to sponsor corporate espionage that sought
after engineering designs and manufacturing process for, say, power tools, engines,
or autos, it may accelerate its national growth by decades at a savings of billions
of dollars by not having to purchase those same devices or capabilities. Given the
potential payback of increased gross national product, increased quality of life for
citizens, a broadened tax base, and emergence as a world player decades ahead of
any previous expectations, this is a high motivation. The means comes from the
power of government to collect and allocate tax revenues to the effort.
The following sections present IA justification in context of TPA elements
means, method, motivation, and mission.
13.5.1
Adversary Means
Adversary means is the capability to carry out an attack—capability in terms of
finances, equipment, and knowledge. IT attack means include:
n
−
−
n
−
−
Finances
Private financing
State-sponsored financing
Equipment
Common
Specialized
