Activity-in-Diagram: Characterize the Cyber Threat

CreatorTim Ramey

Description

The CyWG uses the system's current threat intelligence to determine if the expected threat adversary has the current or indicated potential motivation and capability to access the system and exploit mission-critical functions as identified in the attack surface analysis.

The CyWG develops a threat profile, incorporating known cybersecurity adversary objectives, resources, and Tactics, Techniques, and Procedures (TTPs) and evaluates the threat likelihood in terms of difficulty of attacks. This helps prioritize the attack surface list, to document the desired threat representation for testing, determining, and prioritizing the adverary's desired mission-based effects.

The CyWG updates the threat profile with additional information as needed to support an ongoing understanding of the attack surface. Threats will evolve and new vulnerabilities will become known in the future.

Owning Diagram A22: Analyze the Attack Surface

Output

need for additional requirement

cyber threat

Control

threat intelligence estimate

Cheif Developmental Tester

Mechanism

Cybersecurity DT&E Technical Experts