Cyber Threat Modeling

What is Threat Modeling?

Cyber threat modeling is a process whose goal is to identify the types of threats that can cause harm to an application, network or computer system. It is a method for enhancing network security by setting objectives, detecting flaws, and developing countermeasures to either avoid or mitigate the impact of cyber-attacks against the system. 

Simply speaking, threat modeling is taking the time to focus on any given area, consider the threats it faces and test out a course of action to mitigate them.  

Taking the perspective of a malicious threat actor, organizations can approach securing their network, application or system by considering how a malicious actor would try to enter their system or do other damage. Cyber security threat modeling typically takes place at the design or development stage to justify and determine security measures needed.

In short, creating a cyber threat intelligence model involves looking at your network, system or application, identifying the weak spots, coming up with mitigation strategies, implementing them, and making sure they work.

What is the Threat Modeling Process?

The process of threat modeling involves 5 main steps:

1. Define the scope and depth of your project. Decide which part of your organization you want to apply threat modeling to. Identify which assets are critical and need protection, which applications may be most vulnerable, and where your greatest risks lie.
   It is also important to define who you are building the threat model for and what are the agreed objectives. Is it for the application developers? Network administrators? Or is it for everyone involved in a particular project or segment of the organization?
2. Know your system. Create a network and application diagram to gain a visual understanding of exactly where your assets are and how everything is connected. The OWASP Threat Dragon is a cyber threat modeling tool used to create threat model diagrams as part of a secure development lifecycle.
   Also consider who may be likely to threaten your organization and why, this will add an angle as to how you will approach securing it.
3. Identify the threats and vulnerabilities. What could go wrong? Define the threat or vulnerability you are modeling. Now is also a great time to prioritize which of these threats are most urgent, according to their likelihood and the impact they’d have if they were to take place. Not every threat will warrant mitigation and can be accepted or ignored. Remember to research commonly known exploitable vulnerabilities to ensure you have covered everything connected to your scope.
4. Mitigate threats. Determine how to mitigate or remediate the identified threats and get them implemented! Mitigation can be regarded as countermeasures in threat modeling. Consider how controls will countermeasure specific threats.
5. Test to see if threats have indeed been mitigated.

Bonus step: Repeat. Threat modeling is most effective when continually implemented to stay up to date with your system and network.

If the threat modeling process sounds overwhelming, just remember that cyber attack threat modeling doesn’t need to be all or nothing. It can be limited in scope to a particular asset or network, to a particular threat or vulnerability. 

Start Getting Value With
Centraleyes for Free

See for yourself how the Centraleyes platform exceeds anything an old GRC
system does and eliminates the need for manual processes and spreadsheets
to give you immediate value and run a full risk assessment in less than 30 days

Start Free Trial Now

Start Free Trial Now

Learn more about Cyber Threat Modeling
Click Here

Threat Modeling Methods

There are different ​​methodologies that provide ways to assess the threats facing your IT assets. Here are some of the most common:

• STRIDE – STRIDE was developed by Microsoft and stands for 6 categories of security threats:
  • Spoofing
  • Tampering
  • Repudiation
  • Information Disclosure
  • Denial of Service
  • Elevation of Privilege.

Centraleyes Expert Tip! Check out the OWASP Threat Dragon tool if you’re using the STRIDE methodology.

• DREAD – First created by Microsoft but later disregarded citing doubts of its subjectivity, DREAD threat modeling is still used by many organizations including OpenStack, Fortune 500 companies and other small businesses. DREAD is a framework that uses an ordinal scale to evaluate threats. It represents:
  • Damage Potential
  • Reproducibility
  • Exploitability
  • Affected Users
  • Discoverability 

• P.A.S.T.A – A risk-centric threat modeling technique called Process for Attack Simulation and Threat Analysis (PASTA) provides a step-by-step process for integrating risk analysis and context right away into an organization’s overall security strategy.

• Common Vulnerability Scoring System (CVSS) – The Common Vulnerability Scoring System (aka CVSS Scores) provides numerical representation of the severity of infosec vulnerabilities on a score of 1-10.

• TRIKE – TRIKE is a methodology and tool for threat modeling. An open source project, which was started in 2006 as an effort to increase the efficacy and efficiency of current threat modeling approaches, is still being utilized and developed today.

Use threat models to better inform incident management, requirements, drive intelligence outputs and improve detection and preventative controls, as well as to better identify gaps in detection and response strategies.