Executive Summary
Introduction
Objectives
Assumptions - Axioms
Why Start With Assumptions?
Agreement Required
Key Axioms & Assumptions
The Thought Experiment
Definitions
#1 Abuse of Functions
#2 Exploiting Server
#3 Exploiting Client
#4 Identity Theft
#5 Man in the Middle
#6 Flooding Attack
#7 Malware
#8 Physical Attack
#9 Social Engineering
#10 Supply Chain Attack
Data Processing Pathways
Clarifications
Bridging Strategy & Operations
Strategic Management Layer
Operational Layer
Cyber Risk Events & Incidents
Consequences
Integration Between Layers
The Anatomy of Risk
Cyber Bow-Tie & Risk-Management
Clarification on Central Event
Data Risk Event Types
Sequences in Cyber Threat Clusters
There are NO overlaps
Sequences in Attacks: An Example
Concept Applicability
At Interface Level (API)
At Function Call Level
Vertical Stack Application
Standardizing Strategic Cybersecurity
Refinement of Clusters
Standardizing Operational
Buzz-Word Refinement
Standardized Attack Path Notation
Multi-Layer Notation Convention
Real-World Application
Domain Boundaries & Transitions
MFA Bombing Example
IT Systems, Assets, and TLCTC
The Challenge
Core Principles
Strategic vs. Operational
Conclusion
A. Leveraging NIST CSF
Cyber Threat Cluster Control Framework
Application
KRI, KCI and KPI
Hierarchical Framework
B. SSDLC Integration
Secure Coding Practices
C. Introducing Cyber Threat Radars
The Current Challenge
Enter the Cyber Threat Radar
Key Benefits
Versatile Application
Understanding Visualizations
Attacker profiles
D. Threat Intel - MITRE & STIX
Enhancing STIX
Enhancing MITRE ATT&CK
E. Threat Intel - Real World Examples
NSO Pegasus
Emotet@Heise
Cobalt Strike
F. Oversimplification?