Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets may be at risk and thereby more efficiently and effectively address identified risks. This article will discuss the Rational Actor Model (RAM) as well as the seven primary intrinsic and extrinsic motivations for cyber attackers.
Deterrence and security theory fundamentally rely upon the premise that people are rational actors. The RAM is based on the rational choice theory, which posits that humans are rational and will take actions that are in their own best interests. Each decision a person makes is based upon an internal value calculus that weighs the cost versus the benefits of an action. By altering the cost-to-benefit ratios of the decisions, decisions, and…
 |
Posted by: Chris Mark |
The post Understanding cyber attacker motivations to best apply controls appeared first on Cybersecurity Insiders.
February 19, 2020 at 09:08PM
0 comments:
Post a Comment