STAR Webcast: Quantifying Threat Actor Assessments

  • Webcast Aired Thursday, 28 Jan 2021 11:00AM EST (28 Jan 2021 16:00 UTC)
  • Speakers: Katie Nickels, Andy Piazza

The cyber threat landscape is a complex mix of adversaries, vulnerabilities, and emerging capabilities. Within this environment, Chief Information Security Officers (CISOs) must prioritize resources and projects to maximize their defenses against the most significant threats. The challenge, though, lies in assessing threats to an organization in a meaningful way. By assessing threat actors' intent to target a specific organization for certain attack types, information security leaders can determine which malicious actors are most likely to target their enterprise. The assessment of the threat actors' documented capabilities for those specific attack types allows leaders to wade through the fear, uncertainty, and doubt (FUD) of vendor marketing and nation-state saber-rattling to prioritize capabilities for defensive posturing. This webcast introduces the Threat Box, a threat modeling framework, which portrays threat actors' intent and capabilities as an executive communication tool for Cyber Threat Intelligence (CTI) leaders to depict the prioritization of threat actors.