Saw this acronym to describe the types of cyber threats and thought it was useful.
STRIDE
Spoofing – Falsifying identity to gain systems access
Tampering – Making unauthorized changes to data or systems
Repudiation – Forging identify of actions to data or system to deny responsibility or even blame a 3rd party
Information Disclosure – Stealing (exfiltrating) information and disclosing it to unauthorized individuals
Denial of Service – Depriving legitimate users access to data or systems
Elevation of Privilege – Transforming user account to allow it to exceed legitimate user privileges (e.g. admin account or superuser)
Funny-sad enough, these six types of cyber attacks can cause any information security officer to lose their stride. 😉
(Source Photo: Andy BlumenthalÂ
andyblumenthal 