IS/IT systems around the world are being attacked by both external and internal attackers. Organizations in the public and private sectors are investing more capital and operational resources to deal with these attacks. However without an adequate model of the attackers it is difficult to measure how effective and efficient the use of these resources will be in the long run. It can be that the IS/IT security measures that are being implemented only turn the current situation into a never ending cat and mouse game where the mouse always finds new ways to keep the cat busy.
On Tuesday 12/4/2011 Stewart Kowalski gave a presentation “Modeling the Attacker” in the Norwegian Information Security laboratory (NISlab) which is the information security group at Gjøvik University College, Norway. In his lecture Stewart Kowalski presented his past and current research in modeling the attackers of IS/IT systems using a socio-technical engineering approach.