Modern applications are probed, scanned, and attacked every day, making cybersecurity a constant and evolving challenge.

Traditional threat modeling alone cannot fully prepare us to defend effectively, we must also study attackers themselves—their archetypes, motivations, and evolving tactics.

This approach examines the full spectrum of adversaries, from opportunistic actors and profit-driven cybercriminals to sophisticated state-sponsored groups. Understanding how tools, techniques, and geopolitical shifts shape their targets allows security teams to design defenses grounded in reality rather than theory.

Real-world events in 2024–2025 illustrate the diversity and persistence of modern threats. The Snowflake data breach exploited weak credentials and misconfigurations to compromise more than 160 customer environments, including AT&T and Ticketmaster, resulting in stolen data and extortion campaigns. Meanwhile, the Salt Typhoon telecom breach, a Chinese state-backed operation, leveraged unpatched vulnerabilities to infiltrate major U.S. telecom providers, exfiltrating sensitive data and highlighting the strategic risks of infrastructure-level attacks.

These incidents reveal the spectrum of adversaries: from insiders with access, to profit-motivated cybercriminals, up to nation-state groups. They exploit everything from human error to advanced persistent techniques. Studying who is attacking us, why, and how they operate sharpens organizational focus, strengthens defenses, and empowers strategies that protect both assets and trust.

---
archetype
noun [ C ]
a typical example of something, or the original model of something from which others are copied.

What makes this session different?

I am into Threat Modeling. I helped two companies adopt a meta framework I developed. We live in a VUCA world. While you blink twice, the world has changed. I keep my observations up to date so that I can turn them into knowledge. I am ready to share them with you so you can use them in your way of learning and adapting.