Cybercrime is often organized, and the actual individuals that are perpetrating the different parts of the attack might not be aware of or interested in the overall organizational motives behind the attack. In this paper, based on interviews with IT security experts, we build on the attacker persona methodology and extend it with methodology to also handle organizational attacking motives in order to tackle organized cybercrime. The resulting framework extends the attacker persona methodology by also using narratives in order to assess the own organization’s security. These narratives give rise to intrigue sketches involving any number of attacker personas which, hence, make it possible to take organized cybercrime into account.
Content
Author and article information
Contributors
Muhammad Adnan Tariq
Joel Brynielsson
Henrik Artman
Conference
Publication date:
September
2012
Publication date
(Print):
September
2012
Pages: 1-4
Affiliations
[0001]Royal Institute of Technology
SE-100 44 Stockholm, Sweden