Wednesday, August 23, 2017

Understanding Threat




There is no single solution for keeping yourself safe in cyberspace or in the physical world. Individual OPSEC and Personal Security isn’t about which tools you use; rather, it’s about understanding the threats you face and how you can counter those threats. To become more secure, you must determine what you need to protect, and from whom you need to protect it. Threats can change depending on where you’re located, what you’re doing, and with whom you’re working. Therefore, in order to determine what solutions will be best for you, you should conduct a threat assessment of your personal life.

When conducting this threat assessment, there are five main questions that you should ask yourself:

1. What do you want to protect?
2. Who do you want to protect it from?
3. How likely is it that you will need to protect it?
4. How bad are the consequences if you fail?
5. How much trouble are you willing to go through in order to try to prevent those consequences? (Electronic Frontier Foundation, 2015)

By increasing the effort required to target you it is often possible to cause an adversary to choose a different target. Cyber-criminals, corporate spies, foreign agents, and even government investigators frequently target the ‘low-hanging-fruit’, they go after the easiest, most cost-effective targets. Even if you are the specific target an adversary is after; it is important to remember that not all adversaries have unlimited resources, nor do they have unlimited capabilities. It is quite possible to employ security that requires greater resources to defeat than an adversary has readily available.

It is also important to employ security in depth.  An adversary may be able to defeat a single security measure.  No security is perfect.  By increasing layers of security, building depth into your security plan, the weaknesses and exploitable vulnerabilities in one security measure may be covered by the strengths of another.

Finally, remember that no security measure is of any value if it is not used. If security becomes too difficult, it will not be used regularly. The human factor is often the greatest weakness in any security program. When looking at the various security applications that we discuss here, choose the ones that you can and will employ on a regular basis. Good security employed consistently is better than great security employed occasionally.



No comments:

Post a Comment

Note: Only a member of this blog may post a comment.