Cybersecurity Risk Assessment: An Asset-Based Approach to Pre-Attack Threat Analysis
이현민 (Risk Management Lab, Korea University, Korea); 이경호 (Korea University)
Vol. 26, No. 3, pp. 19-33
Abstract
With the arrival of the digital era and the increasing importance of information technology, governments and enterprises alike have become targets of evolving cyberattack campaigns carried out by advanced persistent threat groups. In an effort to identify these cyber threat actors, security professionals have introduced the concept of threats, techniques, and protocols. Frameworks such as MITRE ATT&CK that compile TTPs are now commonly used not only to identify an advanced persistent threat group, but also to respond accordingly in the case of an attack. However, it is widely known that predicting which assets are at risk before an attack occurs is a challenging task, given the attacker's advantage. To mitigate this advantage, preparation for cyberattacks requires thorough analysis before an incident has occurred. This research aims to introduce a means to model and quantify risk, with a focus on TTPs and attack trees, for the prioritization of assets in a timely manner. Furthermore, this methodology is applied to a real-world scenario to analyze its strengths and shortcomings.
- Publisher: Korean Society for Internet Information
- Category: Computer Science