Accession Number DE2012-1039394
Title Cyber Threat Metrics.
Publication Date Mar 2012
Media Count 39p
Personal Author C. Trevino C. Veitch J. Frye J. Michalski M. Harris M. Mateski S. Marouka
Abstract Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.
Keywords Computer security
Cyber threats
Data processing security
Metrics
Risk
Security
Threats
Vulnerability
 
Source Agency Technical Information Center Oak Ridge Tennessee
NTIS Subject Category 62 - Computers, Control & Information Theory
Corporate Author Sandia National Labs., Albuquerque, NM.
Document Type Technical report
Title Note N/A
NTIS Issue Number 1219
Contract Number DE-AC04-94AL85000

Science and Technology Highlights

See a sampling of the latest scientific, technical and engineering information from NTIS in the NTIS Technical Reports Newsletter

Acrobat Reader Mobile    Acrobat Reader