Threat Agents: what InfoSec officers need to know

Stilianos Vidalis, Andrew Jones

Research output: Contribution to journalArticlepeer-review

1892 Downloads (Pure)

Abstract

Modern risk assessment techniques recognize that there is a need to perform a threat assessment in order to identify the threats that a system is facing, and the agents that are able to manifest them. Most of them though do not incorporate the process of identifying and analyzing threat agents. Generally, the defenders of computing infrastructures, having spent their professional lives in the “good” side of the wall, would not recognize the identity of a threat agent even when they discover one. Gathering IDS data and analyzing them is a challenge on its own, but identifying threat agents, and analyzing their attributes is a different game altogether. Is an agent motivated enough to pursue his/her target? Does the agent have the technical capability and the knowledge required to exploit a vulnerability? Do enterprises present any of their vulnerabilities to the rest of the world, hence giving threat agents the opportunity to perform active attacks? These are some of the questions that are being addressed in this paper. Our intention is not to put labels in certain categories of people, rather to try and understand these and stimulate the discussions between all those that have good faith.
Original languageEnglish
Pages (from-to)97-110
JournalMediterranean Journal of Computers and Networks
Volume1
Issue number2
Publication statusPublished - 30 Oct 2005
Externally publishedYes

Keywords

  • threat agent
  • threat agent identification
  • threat agent analysis
  • threat assessment

Fingerprint

Dive into the research topics of 'Threat Agents: what InfoSec officers need to know'. Together they form a unique fingerprint.

Cite this