Written on
May 14, 2020

Responding to a threat that cannot be identified

A very unfortunate situation in security involves building response scenarios for threats that you are unable to identify in real time. It is very nice to have SOPs and protocols for scenarios, but what about the identification process? This stage is usually skipped, and that accounts for the vacuum created between your assessments and procedures and your actual capability to identify these threats.

Consequently, let us analyze the chronological steps that should be implemented:

1. Define your threats
2. Define whether you have real capabilities for dealing with these threats
3. If you do not have adequate capabilities or there is a discrepancy, address it
4. Develop your capabilities
5. Invest in the identification process: you cannot find something you don't understand or know
6. Design your security system according to your adversary's capabilities
7. Develop a response mechanism for each threat and its modus operandi

When you have completed this process, you can start building procedures, which will be built according to what the field and reality dictate. These procedures must then be tested, and if they are not adequate they must be adjusted until they correspond to your threats.

This whole process begins and ends with a strong foundation in the identification process.