(no title)

The toughest question in digital security is “who cares” because it is usually extremely difficult to determine the impact of an intrusion. Consider the steps required to define the business and operational impact of the theft of intellectual property (as one example — there are many others).

The victim must learn that an intrusion occurred.
The victim must determine exactly what IP was stolen.
The victim must understand the adversary’s capability and intention to exploit the stolen IP.
The victim must recognize when the adversary exploits the stolen IP by using it in an operational context.
The victim must determine what countermeasures or changes in courses of actions are possible to mitigate the adversary’s exploitation of the stolen IP.
The victim must synthesize most or all of the previous points into an assessment of the business and operational cost of the IP theft.