SecureByDesign-Playbook
Quick-Start: Threats
Active adversaries (sometimes called threat actors) are people and groups that deliberately or accidentally compromise our assets. The threat they pose depends on their skills, tools, and their motivation to attack your spaces and assets.
For a quick-start we will consider only a few main categories of attacker: “Criminals”, “Competitors” and “Insiders”, and we can use a coarse score “low”, “medium” and “high” for their capability (skills, tools, experience, resources) and their motivation.
For example:
| Adversary | Capability | Motivation |
|---|---|---|
| Criminal Hackers | High | Low |
| Competitors | Medium | Medium |
| Insiders | High | High |
If your environment is unusual have a look through the Smart Threat Assessment registry and add any that are appropriate, but as usual keep it simple for the quick start.
We provide a simple Quick-start Threat Registry; it’s just a list as above. See also an explanation video.
Back to Playbook ● Home Example ● Next: Quick-Start Security Picture ● Smarter Threat Assessments