The threat assessment model and methodology are developed based on the study and analysis of threat agents found in the real-time informational network. These models and methodology are dynamic system frameworks designed to understand the assets of an organization and threats to the business. The key findings and conclusion of threat assessment rely on the information extracted from the identified threat agents, using several attributes like threat profiling, critical threat intelligence (CTI), and determining the impact based on motivation, opportunity, and capability of the threat an organization/business. However, threat models and methodology enable us to perform a proactive cybersecurity threats assessment in an informational environment. The further investigation of the threat agent's incident also reveals different approaches followed by several existing models and methodologies. This research will present the existing risk assessment model's weaknesses and limitations and show how the current models and methodology fail to cover a comprehensive pattern analysis of captured packets from the network. In reflecting on this work, we use hypothetical and real-world examples of threat agents and analyze the threat agent's attributes (motivation, capability, and opportunity) that are not covering in standard threat agent taxonomies.
|2021 IEEE Bombay Section Signature Conference, IBSSC 2021
|3rd IEEE Bombay Section Signature Conference, IBSSC 2021
|18/11/21 → 20/11/21
- Critical Threat intelligence (CTI)
- Risk Assessment
- Threat Agents