Threat Event

NIST SP 800-30 R1

According to the generic risk model introduced in NIST SP 800-30 R1, a risk is decomposed into a couple of factors as the diagram denotes.

Threat Event and TTP

A threat event involves tactics, techniques, and procedures (TTP for short). It’s a good practice to describe a threat event by starting with a verb so that it can be matched with threat sources to shape threat scenarios.

Good Practice

This good practice can be found in Table E-2 of Appendix E.

Questions to Ponder

What is a threat?

Do you have a definition in your mind that is shared, communicated, and agreed upon?

Risk Model vs Threat Model

Since we are talking about the threat, why it relates to risk and the model is called a generic risk model that includes threat things, instead of being called a generic threat model?

Related Posts

Leave a Reply