Global Security, Privacy, & Risk Management

I am back ;) “The Markerian Heptad and Understanding Attacker Motivations” February 24, 2020

It has been a bit of time since I have posted.  I am back with a blog post I wrote for AT&T CyberSecurity Blog. Titled, “Understanding CyberAttacker Motivations”  It discusses what I call the “Markerian Heptad” (Yes..I named it after myself 🙂 and describes the 7 basic motivations that underpin why an attacker would target a particular person, company, organization, etc.

“Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets may be at risk and thereby more efficiently and effectively address identified risks.  This article will discuss the Rational Actor Model (RAM) as well as the seven primary intrinsic and extrinsic motivations for cyber attackers.

Deterrence and security theory fundamentally rely upon the premise that people are rational actors. The RAM is based on the rational choice theory, which posits that humans are rational and will take actions that are in their own best interests.  Each decision a person makes is based upon an internal value calculus that weighs the cost versus the benefits of an action.  By altering the cost-to-benefit ratios of the decisions, decisions, and therefore behavior can be changed accordingly. 

It should be noted at this point that ‘rationality’ relies upon a personal calculus of costs and benefits.  When speaking about the rational actor model or deterrence, it is critical to understand that ‘rational’ behavior is that which advances the individual’s interests and, as such, behavior may vary among people, groups and situations.”..READ MORE HERE!