Generic Threat Matrices

The key piece of knowledge necessary for building defenses capable of withstanding or surviving cyber and kinetic attacks is an understanding of the capabilities of the threats facing a government, function, or system. As the number of threats continues to increase, it is no longer feasible to enumerate the capabilities of all known threats and then build defenses based on those considered, at the time, to be the most relevant. Exacerbating the problem for critical infrastructure providers and utility owners, most detailed information on higher-level threats is classified and is not available for general uses such as the design of defenses and the development of mitigation strategies. To reduce the complexity of threat analysis, the complexity of the threat space must first be reduced. This is achieved by abstracting the continuous threat space so that the entire space can be grouped, based on measurable capabilities, into a small number of distinctly different levels.

Threat profiles can be built from relative descriptors of a range of threats for the two families of threat attributes: Commitment and Resources. The Commitment threat attributes are Intensity, Stealth, and Time. The Resources threat attributes are Number of Technical Personnel; Knowledge (cyber, kinetic, or specialized); and Access. The table below is a Generic Threat Matrix. Such matrices can be customized to fit particular systems.

See our report “Categorizing Threat: Building and Using a Generic Threat Matrix” for more information.

