Identifying vulnerabilities and potential security threats while weighing the impact on an organization will assist with prioritizing how to address these weaknesses. This is threat modeling. Primarily used as a standard for software developers, the concepts can be applied to an entire network infrastructure as a means to identify and mitigate security risks. The key advantages of threat modeling is the ability to prioritize threats, define countermeasures to prevent or mitigate, and adopt and develop new tools.
There are many different approaches you can take in determining your threats and vulnerabilities. Microsoft defines this through a series of steps.
The most straightforward outline was produced by Goran Aviani, a software engineer.
- What are we working on?
- What can go wrong?
- What are we going to do about it?
- Did we do a good job?
No matter what methodology you use, it is important to plan by identifying assets and mitigation capabilities. Assess the risks and rank the threats. An additional step would be to perform threat mapping, a process that follows the path of threats throughout your network. How can the attacker move from one resource to another?
Threat modeling can assist with structuring an incident response plan. Documenting how data flows through your system, identifying potential threats and putting security controls in place to reduce the likelihood of the threat will greatly add to improving your overall cybersecurity posture.