Advanced persistent threats (APT) are increasingly attracting the attention of the security bodies, since they target all kinds of organizations from private and public sector companies to military and political institutions.
An external approach, which supplements the current one, provides a context and enables to develop more effective strategies in the medium to long term.
It focuses on threat analysis, on the opponent and the negotiating processes vs the current approach, which is focused on the vulnerability or the surface of the attack.
The opponent is an entity with its own motivation, objectives, resources, operational sophistication and, in many cases, it has its own intelligence and counterintelligence capacities, in many cases.
Focusing on the opponent’s space requires both analytical capabilities in other domains and an excellent operational risk management (OPSEC).