Sunday, November 02, 2003

Threat Matrix Chart Clarifies Definition of "Threat"

I ran across this chart at the Kentucky government security page, of all places. They must have reproduced it from a Department of Homeland Security briefing. It shows the five components used to judge a threat: existence, capability, history, intentions, and targeting. My earlier definitions focuses on capability and intentions, as I believe existence is taken for granted once you begin a threat assessment. You can easily wrap history into intentions. Targeting is a "special form" of intentions, meaning current intelligence suggesting plans for imminent attack against specific targets. As an enemy meets more of the criteria, the threat rating increases from "low" to "severe."

Update:A blog visitor asked if publication of this chart was a sarcastic move. While I don't think this matrix represents the ultimate in threat assessment, I reproduced it here to show some of the elements used to assess threats. They include the five components mentioned earlier. The choice of words "severe, high," etc., don't fit with any threat model I've used in the military. We had THREATCONs which used words like "normal, alpha, bravo," etc. THREATCONs became Terrorist Force Protection Conditions (FPCON) in 2001.

I'm looking forward to the first Cyber Threat Matrix by Echo CCT.