Cybersecurity attacks, which have many business impacts, continuously become more intelligent and complex. These attacks take the form of a combination of various attack elements. APT attacks reflect this characteristic well. To defend against APT attacks, organizations should sufficiently understand these attacks based on the attack elements and their relations and actively defend against these attacks in multiple dimensions. Most organizations perform risk management to manage their information security. Generally, they use the information system risk assessment (ISRA). However, the method has difficulties supporting sufficiently analyzing security risks and actively responding to these attacks due to the limitations of asset-driven qualitative evaluation activities. In this paper, we propose a threat-driven risk assessment method. This method can evaluate how dangerous APT attacks are for an organization, analyze security risks from multiple perspectives, and support establishing an adaptive security strategy.
This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NKF), funded by the Ministry of Science and ICT (NRF-2020R1F1A1075605), and the BK21 FOUR program of the National Research Foundation of Korea, funded by the Ministry of Education (NRF5199991014091).