Lockheed-Run Lab Creates Cyber Threat Metrics Method

Site: lanl.gov

Organizations have been creating shared lists of cyber threat information, but few can describe or measure the attacks in a meaningful way, according to a recent report.

Sandia National Laboratories, which was reportedly researching a nuclear-powered drone with Northrop Grumman, issued the report in March, indicating that cyber attack definition and metrics are immature among organizations.

A Lockheed Martin subsidiary manages and operates the laboratories for the Energy Department.

In an effort to help organizations measure cyber events that sometimes appear to defy any measurement, Sandia created a generic threat matrix in the report.

Lab researchers said the matrix will help agencies and intelligence organizations categorize threats, which aids them in performing mitigative duties.

The matrix includes a threat level rating from one to eight; categorical sections such as cyber, kinetic and access; and the length of time over which an attack has occurred and its intensity level, among other factors.

Analysts should categorize threats based on threat attributes including the threat’s actual ability and the willingness to act, the report said.

Fierce points out that Sandia’s suggestion differs from Mitre Corp.’s, which is to examine and characterize threats in three categories: targeting, intent and capability.

Report authors noted that the matrix is a model that may need supplemental information such as incident data, attack vectors, target characteristics and threat multipliers.

Sandia’s report indicates additional research is needed to determine how cyber threat categorization differs with an individual analyst’s experience level.

The current model could benefit the Department of Homeland Security and help its federal network security program provide unclassified estimates of current threats acting on agency and department systems, report authors wrote. 
