What Are Threat Actors?

Sources of Risk


Sources of Risk can include any number of elements, however they can broadly be considered as:

  1. Threat Actors (Criminals, Hackers, etc.)

  2. Hazards (Explosives, Technology, etc.)

Threat Actors

Sources of risk (Threat Actors) can come from a multitude of sources. However, the following broad categories can be a useful framework for analyzing sources of risk in a consistent fashion.


PLEASE NOTE: There is an inherent limitation in seeking to definitively categorize Threat Actors. These individuals and groups often fit into several categories. Examples include an Insider who commits a serious crime being concurrently part of a Serious Organized Criminal (SOC) group, or an Issue Motivated Group (IMG) who demonstrates the behavior of a Petty Criminal etc.




Hazards

Some examples of potential hazards which could be used by Threat Actors.

  • Explosives (e.g. Improvised Explosive Devices)

  • Technology (e.g. Pineapple Tetra)

  • Radio frequency jammer

  • Unsecured microphones and cameras

  • Weapons (e.g. Guns, knives, etc.)

  • Software (e.g. hacking software, ransomware)

  • Hardware (e.g. electronic listening devices, keystroke loggers)

  • Nuclear (e.g. nuclear bombs or material)

  • Biological (e.g. White powder)

  • Radiological (e.g.radioactive ‘dirty bombs’)

  • Chemical weapons

  • Staff incompetence (e.g. inadequate IT security training)

  • Financial instruments (e.g. fraudulent invoices)

61 views

Recent Posts

See All

The SRMBOK Maturity Model

Security Risk Management Body Of Knowledge (SRMBOK) The SRMBOK maturity model addresses the following four levels: Level 1 INITIAL Level 2 BASIC Level 3 REPEATABLE Level 4 OPTIMIZING The model also ad

©2019 by Julian Talbot