Identify resources required to build capabilities
As with legitimate development efforts, different skill sets may be required for different phases of an attack. The skills needed may be located in house, can be developed, or may need to be contracted out. 
Tactic: Build Capabilities
DetectionDetectable by Common Defenses (Yes/No/Partial): No
Explanation: Recruitment is, by its nature, either clandestine or off the record.
Difficulty for the AdversaryEasy for the Adversary (Yes/No): Yes
Explanation: Like target organizations, adversary organizations are competing to identify and hire top technical talent. Training less technical staff is also a viable option.
- Mandiant. (n.d.). APT1: Exposing One of China’s Cyber Espionage Units. Retrieved March 5, 2017.