The Sliding Scale of Cyber Security

The Sliding Scale of Cyber Security is a model for providing a nuanced discussion to the categories of actions and investments that contribute to cyber security. The five categories in the scale are Architecture, Passive Defense, Active Defense, Intelligence, and Offense. The continuum between the five categories helps visualize that not all actions are static or easily defined. Understanding these interconnected categories that contribute to cyber security helps individuals and organizations better understand the purpose and impacts of their resource investments, establish a maturity model for their security program, and break down cyber attacks to identify root cause analysis in a way that encourages growth by defenders over time. The understanding of each phase helps individuals and organizations understand that categories on the left hand side of the scale build the appropriate foundation that make the other actions of the scale more obtainable, useful, and less resource intensive. The goal should be to invest resources starting on the left hand side of the scale and address those issues to achieve a proper return on investment before allocating significant resources to the other categories. This approach recognizes the increasing cost of success to adversaries facing properly prepared organizations and empowers defenders to engage security in a manner that evolves over time.

Read the paper at SANS Institute.


Robert M. Lee is a fellow in the Cybersecurity Initiative. He is Founder and CEO of the cybersecurity company Dragos, Inc., a SANS Institute course author and researcher, and a PhD candidate at Kings College London.