Cybersecurity: Detect - Characterize

Best Practices for Cybersecurity Threat Actor Detection, Characterization and Response

Question

Answered

Prompt

As a professional in the field of cybersecurity, you should be aware of best-practice tactics and methods necessary for responding to a variety of cyber threat actors. For this activity, you will research and determine factors to detect, characterize, and counter a range of threat actor situations to place into a decision aid template. This milestone will prepare you to think proactively and ethically in terms of what threat actors would do to attack organizational assets.

Be thorough in completing the decision aid. Upon completion, this is a recommended artifact for your cyber playbook and will be tagged with the Human Security icon. You may use the Decision Aid Template or a blank Word document to address the critical elements for the Project Three Milestone. This decision aid will inform your technical brief in Project Three, which will be based on a scenario your instructor provides in the Project Three announcement. You will not use all the tactics and methods you researched, but rather choose and refine your answers based on the specific situation.

Prompt: In your decision aid, address the critical elements listed below.

I.Detection
A. Describe at least seven best practices or methods for detecting a threat actor specific to the categories in the decision aid template. Use research from the resource guide to support your responses.

II.Characterization
A.Define at least five types of threat actors specific to the categories in the decision aid template. Use research from the resource guide to support your responses.

B.Describe at least four motivations or desired outcomes of threat actors specific to the categories in the decision aid template. Use research from the resource guide to support your responses.

C.Identify the company assets of at least seven types of institutions that may be at risk from a threat actor specific to the categories in the decision aid template. Use research from the resource guide to support your responses.

III. Response
A.Describe at least three potential counterstrategies or tactics that you might use to respond to and counter a threat actor (reactive approach). Use research from the resource guide to support your responses.

B.Describe at least three potential strategies or tactics that you would employ to reduce the likelihood of the same situation happening again (proactive approach). Use research from the resource guide to support your responses.

C.Explain your reason for determining the threat actor you chose (Response: Parts A and B) and justify your strategies to both proactively and reactively respond to that type of threat actor.

Critical Elements	Elements Met (100%)	Elements Need Improvement (75%)	Elements Not Evident (0%)	Value
Detection: Detecting a Threat Actor	Describes at least seven best practices or methods for detecting a threat actor specific to the categories in the decision aid template	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Characterization: Type of Threat Actors	Defines at least five types of threat actors specific to the categories in the decision aid template	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Characterization: Motivations	Describes at least four motivations or desired outcomes of threat actors specific to the categories in the decision aid template	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Characterization: Company Assets	Identifies the company assets of at least seven types of institutions that may be at risk from a threat actor specific to the categories in the decision aid template	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Response: Counterstrategies	Describes at least three potential counterstrategies or tactics to respond to and counter a threat actor	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Response: Reduce the Likelihood	Describes at least three potential strategies or tactics to reduce the likelihood of an incident occurring in the future	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Response: Explain	Explains reason for choosing threat and justifies strategies to both proactively and reactively respond to that type of threat actor	Addresses “Elements Met” criteria, but there are gaps in clarity, logic, or detail	Does not address critical element, or response is irrelevant	13
Citations	Submission includes citations for each critical element and has no major errors related to citations	Submission includes some citations or has some errors related to citations	Submission does not include citations or has critical errors related to citations	5
Articulation of Response	Submission has no major errors related to grammar, spelling, or organization	Submission has some errors related to grammar, spelling, or organization that negatively impact readability and articulation of main ideas	Submission has critical errors related to grammar, spelling, or organization that prevent understanding of ideas	4
Total				100%