From Attack Profiles to Attack Vectors,
The cyber security field can present a complicated collection of threats for any organization.
It is a field that recognizes no boarders, sovereignty, organizational size or industry.
Cyber security evolves in a constant cycle of attacks and counter defense measures.
And with the proliferation of new technologies that link systems into the Web, organizational vulnerabilities
are multiplying at a rapid pace.
But like any field, cyber security can be measured. Cyber attacks are events carried out by global actors.
These event can be statistically measured and the actors have measurable profiles.
The cyber security field in general
operates by a collection of cause-effect relationships that define the behavior of cyber criminals and
cyber threat defenders. At the end of the day, cyber attackers are people, each governed by the bounded
govern their motives and tactics.
Internet Think Tank has your security covered
Here at Internet Think Tank, we understand that a superior cyber security defense starts with superior measurements.
In order for any defense to be successful, organizations must not only measure successful attacks,
but also attempted attacks. Collectively, such data reveals where your defenses are successful
and where they need improvement. The data must also be measured repeatedly, because cyber criminals
change their tactics constantly. This continuous modeling is essential in unravelling
the who, what, when, where, why, and how of every type of cyber attack and how they are evolving
to undermine your organization. Cyber Criminals never stop innovating... Why should you?
All cyber attacks can be categorized into what we refer to as "attack profiles" (AP). Attack profiles are
general types of cyber crimes such as system takeovers, transaction fraud, cyber espionage and piracy.
Each attack profile follow global, regional and industrial trends. By measuring attack profiles,
we learn which types of attacks are most problematic and which are most likely to occur.
Those factors alone can be extremely important for organizational planning and budgeting.
Attack profiles give organizations a clear spectrum of threats for which they should be prepared.
Furthermore. each attack profile is made up of very specific ways cyber criminals execute their attacks.
We call these "attack vectors" (AV). The unique collection of variables that define an attack
constitutes an attack vector and includes parameters such as who is being attacked, what type of system
if being attacked, when is the attack executed, where is the attack executed, why is the attack executed,
and what method is used to attack. Each attack vector warrants a unique defense designed specifically
around the characteristics of the attack.
Knowing the particular strengths and weakness of an attack vector is crucial for administrating an appropriate
solution rather than an overly generalized defense that leaves gaping holes for cyber
attackers to exploit.
Internet Think Tank has developed and maintains a proprietary database of known and emerging
attack vectors. We analyze past and present attack profiles to enhance the richness
of our database. And we perform statistical and system dynamics modeling to predict which of
attacks will used against your organization. With our attack profiles and attack vectors,
our data driven approach will lead to your best decisions around cyber security.
Contact us so we can get started.
Strengthen your defences
Internet Think Tank's cyber security research and custom framework models can provide a sound
approach to defending againt cyber attacks.
Which attack profiles threathen your business?
Attack profiles describe the types of cyber crimes committed in the Internet theater.
And some are trending stronger than ever before.