This talk investigates technical and non-technical factors that influence adversarial decision-making (ADM) in critical infrastructure cyberattacks. Individuals from both the electricity industry and hacking communities are surveyed and interviewed. Nine factors influencing ADM emerged and were organized to create the PARE RISKS framework: (P) Prevention Measures; (A) Attacks and Alliances; (R) Result; (E) Ease of Access; (R) Response and Recovery; (I) Interconnectedness and Interdependencies; (S) Security Testing, Assessments, and Audits; (K) Knowledge, Skills, Research and Development; and (S) System Weaknesses. Cyberattacks occur as a step-by-step process, with five distinct stages: preparation, entry, initiation, attack dynamics, and exit.