New kinds of cyber attacks are notoriously difficult to predict. The statistical techniques that are used to estimate the frequency of physical crimes, natural disasters, and other adverse events are useless when it comes to cyber attacks. New attacks that were virtually unknown will suddenly appear and rapidly become commonplace, while others will suddenly fade into insignificance. Many experts have given up on the idea that the type and frequency of future cyber attacks could be predicted.
Yet for nearly a decade, the U.S. Cyber Consequences Unit (US-CCU) has managed to anticipate every important new type of attack and to predict roughly how soon it would occur.
This course will teach you the concepts and techniques that have made the US-CCU the world leader in cyber threat analysis. Instead of merely extrapolating from past events, it will show you how to take an ecological approach to anticipating the evolution of new threats. It will show you how to approach the problem of predicting attacks and their likelihood systematically and rigorously. It will demonstrate how to quantify the key preconditions for cyber attacks. It will help you identify and evaluate the attack scenarios that your organization should be preparing for. It will show you how to estimate the timing of those scenarios. Finally, it will show you how to present your analysis to senior management and defend your conclusions.
The course will be taught by Scott Borg, the Director of the U.S. Cyber Consequences Unit, who originated many of the state-of-the-art methods for carrying out cyber threat analysis.
The topics that will be covered in this course include:
- The six types of seriously dangerous cyber attackers and their distinctive qualities
- The seven ways attackers can gain by cyber attacks and how to quantify these
- The ways attackers select targets
- Understanding how attractive a target a given business or agency would be, relative to other organizations
- The four kinds of business damage cyber attacks can cause
- How to identify the specific information systems that need defending and the specific kinds of attacks they need to be defended against
- The four categories of capabilities necessary for each cyber attack and how to quantify these
- How difficult or costly it would be for a given attacker to assemble these capabilities
- The return-on-investment for a given cyber attack from an attacker’s standpoint
- Possible warning signs that an attack is being prepared
- The techniques for estimating how soon or how frequently a given cyber attack can be expected
- The strategies for reducing cyber-attack threats
Cost of each course: $1,200 for corporate attendees, or $1,000 for government or academic attendees. (Payable by credit card over the phone.)
Venue (in Washington, DC): Carr Workplaces, 12th Floor, Potomac Building, 1001 N. 19th Street in Rosslyn (Arlington), two and a half blocks from the Rosslyn Metro stop and just across the bridge from Georgetown.
Arrangements can also be made for the courses to be taught to groups and at other locations.
Additional information: Please contact the course administrator through email.