The Value of Threat Modelling 1
Authors: Tim Williams MSc (Royal Holloway, 2014); Lorenzo Cavallaro, ISG, Royal Holloway

Summary

Threat Modelling is an umbrella term covering a variety of powerful techniques for understanding the underlying causes of risks, enabling more effective risk management solutions to be designed and implemented. Every possible risk is caused by one or more underlying threats, and identifying and understanding threats enables earlier and more complete risk mitigation. As yet there is no generally accepted approach to Threat Modelling. However, the shared aim of most techniques is to facilitate rapid, cost-effective exploration of leading indicators of future risks, allowing appropriate risk mitigation resources to be assigned in a timely manner. In general, Threat Modelling should be performed actively throughout the development lifecycle of systems and software. Since it is impossible to predict all threats, even the best threat models are subject to errors and omissions. A well-managed Threat Modelling process ensures that analysis of actual incidents and live threat intelligence feeds are used continuously to refine threat models. This article gives an overview of the value of Threat Modelling and describes some common modelling techniques.

What is Threat Modelling?

Threat modelling is a valuable component of enterprise risk management. It focuses on developing a shared understanding of risks in terms of: their underlying causes; the nature of possible adverse events caused by identified threats; the most likely intentional attack vectors; the extent to which threat exposures and intentional motivations are controllable; and the ways in which the probability and impact of adverse events can be reduced.

What is a Threat?

A threat is a risk factor: someone or something that can cause a risk or increase an existing risk. Most threats from people and organisations are intentional. Most threats from things and environments are unintentional. Threats may also arise from human negligence. Some intentional and/or negligent human threat agents can be influenced to cause fewer risks, so some very effective risk mitigations involve influencing the motivation and behaviour of human threat agents. Threats which could result in risks to life, health, property or the environment may be described as hazards. Hazards may have intentional, negligent or unintentional causes.

1 This article is to be published online by Computer Weekly as part of the 2015 Royal Holloway information security thesis series. The full MSc thesis is published on the ISG's website.
Many organisations, including the Open Web Application Security Project (OWASP), MITRE, Intel, Microsoft and the Web Application Security Consortium (WASC), recommend Threat Modelling.

What is a Threat Model?

A threat model is a representation of threats which aids identification and understanding of the causes of risks, their potential consequences (impacts) and the probable effectiveness of various interventions to mitigate risks. Threat models are, in effect, abstract design descriptions of "risk factories" where risks are generated. It is easier to understand how risks arise if the root causes are clearly described using design artefacts such as clear diagrams, tables and supporting notes.

This table identifies generic examples of threats which may need to be modelled, classified by Threat Origin (internal or external) and Threat Cause (intentional/active or unintentional/passive):

Threat Origin: Internal
  Intentional / Active: Employee; Contractor; Authoriser; Privileged User; Systems Administrator
  Unintentional / Passive: Human Errors; Incorrect requirements; Process Design Errors; Security Design Errors; Implementation Errors; Operational Weaknesses; Unidentified Failure Modes; False positive results from positive security testing; False negative results from negative security testing

Threat Origin: External
  Intentional / Active: Competitors; Suppliers; Customers; Journalists; Hackers; Organised Criminals; Terrorists; Governments
  Unintentional / Passive: Unreliable components (hardware defects, software defects); Unreliable services (power failures, network failures); Environmental Disasters (sunspots/radiation, fire, flood/tsunami, hurricane/tornado, earthquake, nuclear/biological contamination)

Why is Threat Modelling so important?

Developing and reviewing threat models makes it easier for stakeholders to understand the causes of risks and what should be done to mitigate them. Since every threat is potentially the cause of multiple risks, focusing risk mitigation resources on threats (causes) is far more efficient than focusing on particular risk instances. Threat Modelling enables:
1. the root causes of risks to be more fully understood; and
2. risk mitigation resources to be applied to best effect.
How do Threats and Controls Interact?

Each security control added to reduce identified risks also increases the potential attack surface for intentional threats and introduces potential new unintentional failure modes. Residual risks to assets are the end result of interactions between intentional threats, unintentional threats and controls. Without understanding threat/control interactions, risks cannot be assessed early, completely and accurately. Preparing and reviewing threat models from the outset of any IT project maximises the chances of identifying and mitigating threats before any risks have occurred.

How do Threats relate to Risks?

Intentional threats lead to risks if related controls are inadequate, i.e., if there are exploitable vulnerabilities. Modelling intentional threats helps to distinguish exploitable vulnerabilities from vulnerabilities which are already adequately protected. Some vulnerabilities can lead to risks without any involvement of intentional threat actors. For example, a system component might fail in normal use. The impact could be temporary loss of system availability, permanent loss of information or uncontrolled release of sensitive information. When performing Threat Modelling it is important to ensure that potential unintentional failure modes are analysed both separately and in terms of how they interact with identified intentional threats.

What Threat Modelling Techniques Exist?

Different techniques are needed to explore and illustrate the causes and impacts of threats according to context. To handle differences in level of detail, different models may be needed at organisation, division, business process, system and component level. Similarly, according to lifecycle stage, early exploration of threats at the requirements analysis stage requires different Threat Modelling techniques from those needed to support detailed pre-go-live testing. The required level of fidelity (degree of exactness) also varies: in order to represent and explore threats for large and complex systems, it may be necessary to instantiate dynamic threat models using software and hardware rather than simply using static analysis techniques. Other reasons why different techniques are needed are differences in Threat Origin (internal/external) and Threat Cause (intentional/negligent/unintentional). The majority of Threat Modelling approaches include:
- architecture analysis focusing on data assets, data owners and controls;
- graphical presentation formats supported by text, to promote stakeholder involvement in construction and validation of threat models; and
- suggested groupings for similar items (threats, assets, vulnerabilities, controls etc.) to simplify analysis.
Typically it is necessary to prepare and review more than one threat model. Common information presentation formats used in Threat Modelling include:
- Attack Chains / Kill Chains: summarising generic strategies/phases typically used for attacking and defending enterprise information assets
- Use and Abuse Cases: identifying system functions which may be used/misused
- Attack Trees: enumerating possible attack methods against a defined target
- Data Flow Diagrams: highlighting where data exists, where it crosses boundaries between security zones and how it may be attacked
- Fault Trees: enumerating a system's possible unintentional failure modes
- Cyber Test Laboratories: simulating realistic threats without risking live data
- Threat Matrices / Tables: structured, standardised analysis of threats and mitigations, which may have originally been identified using another technique

Attack Chains / Kill Chains

Attack Chain and Kill Chain diagrams improve understanding of security management issues at a strategic level. Chain diagrams make it very clear that intentional attackers typically follow a systematic process. Senior decision makers are typically quick to understand the significance of processes and how they can be controlled. Chain diagrams also demonstrate the need for a "Defence in Depth" approach: a coordinated set of complementary, independent security controls is needed to counter multi-stage attacks.
Use and Abuse Cases

Use Case and Abuse Case diagrams (in combination) are simpler to understand and easier to review than many other formats. They allow very early identification of generic attack types which are likely to be relevant. Use and Abuse Case diagrams can and should be used first at the requirements gathering stage, before any system components have actually been designed. They allow rapid exploration of interactions between the expected behaviour of system components and authorised users, the possible accidental behaviours of authorised users, and unauthorised actions by insiders or by external attackers.
Attack Trees

Attack Tree diagrams highlight the existence of multiple possible attack targets and attack techniques. Representing many attack options on a single diagram aids understanding of the wide variety of options open to intentional attackers and facilitates analysis of which attacks would have the highest benefits for the lowest time/effort/money, and are therefore the most likely. Attack Trees also enable analysis of the most cost-effective ways to detect and/or block multiple attack paths simultaneously. Attack Trees may also allow identification of ways in which attackers could be demotivated from performing certain attacks (e.g. using legal warnings or disinformation) or in which attackers could be caused to waste resources/effort (e.g. honeypots, sandboxes and bogus responses to footprinting attempts).
Data Flow Diagrams

Data Flow diagrams highlight key points in business processes and systems where threats to confidentiality, integrity or availability could exist. Data Flow diagrams come into play both when business processes and systems are being designed and tested, and later during operational reviews of live processes and systems. They are also useful for clarifying in detail how attackers could potentially combine multiple attacks on multiple vulnerabilities to achieve their overall objectives. Whereas Attack Trees and Kill Chains identify high-level attack and defence strategies, Data Flow diagrams identify detailed, concrete ways in which specific attacks could potentially be blocked.

The Importance of Security Zoning

All organisations should include appropriate security zones in their overall security architecture. Security zones (also called security compartments) are groups of information assets protected by an effective common security boundary/barrier. Security barriers around information assets may be enforced using logical security controls (e.g. data classification labels, firewall rules, password authentication and encryption) and/or physical/procedural security controls (e.g. site access controls, locked cabinets and restrictions on mobile phones). The important benefit of security zones is that, just as watertight compartments on a ship protect against catastrophic flooding, they prevent the spread of threats. Security zones are needed to prevent both external (generally intentional) and internal (generally unintentional) threats from spreading.
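To make the boundary-crossing checks above concrete, here is an added example (not code from the original article or the thesis) that encodes a small data-flow diagram as flows between elements placed in named security zones. It flags every flow that crosses a zone boundary without the controls a policy demands for its data classification, and every flow between zones that the architecture does not directly connect. The zone names, elements, flows, the REQUIRED control policy and the ALLOWED adjacency list are all constructed assumptions for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Element:
    """A process, data store or external entity, placed in one security zone."""
    name: str
    zone: str


@dataclass
class Flow:
    """One arrow on the data-flow diagram, with the controls that protect it."""
    src: Element
    dst: Element
    data: str
    classification: str                # "public", "internal" or "secret"
    controls: frozenset = frozenset()  # e.g. {"tls", "mutual-auth"}


# Assumed policy: controls that must protect a flow of each classification
# whenever it leaves its zone.
REQUIRED = {
    "public": frozenset(),
    "internal": frozenset({"tls"}),
    "secret": frozenset({"tls", "mutual-auth"}),
}

# Assumed architecture: zone pairs between which direct flows are permitted at all.
ALLOWED = {
    ("Internet", "DMZ"),
    ("DMZ", "Internal"),
    ("Corporate LAN", "DMZ"),
    ("Corporate LAN", "Corporate Security"),
    ("DMZ", "Corporate Security"),
}


def boundary_crossings(flows):
    """Flows whose endpoints sit in different zones: the first thing a DFD review examines."""
    return [f for f in flows if f.src.zone != f.dst.zone]


def findings(flows):
    """(data, source zone, destination zone, problem) for every inadequate crossing:
    either a zone-to-zone path the architecture forbids, or a permitted crossing
    that lacks a control REQUIRED for its classification."""
    out = []
    for f in boundary_crossings(flows):
        pair = (f.src.zone, f.dst.zone)
        if pair not in ALLOWED and pair[::-1] not in ALLOWED:
            out.append((f.data, f.src.zone, f.dst.zone, "zone path not permitted"))
            continue
        missing = REQUIRED[f.classification] - f.controls
        if missing:
            out.append((f.data, f.src.zone, f.dst.zone, "missing " + ", ".join(sorted(missing))))
    return out


# Constructed model of a small web service (example data, not from the article).
browser = Element("customer browser", "Internet")
web_app = Element("web application", "DMZ")
database = Element("customer database", "Internal")
log_store = Element("log collector", "Corporate Security")
admin_pc = Element("administrator workstation", "Corporate LAN")
jump_host = Element("admin jump host", "Corporate Security")

FLOWS = [
    Flow(browser, web_app, "session cookie", "internal", frozenset({"tls"})),
    Flow(web_app, database, "customer records", "secret", frozenset({"tls", "mutual-auth"})),
    Flow(web_app, log_store, "application logs", "internal"),
    Flow(admin_pc, jump_host, "administrator password", "secret", frozenset({"tls"})),
    Flow(browser, database, "reporting export", "secret", frozenset({"tls", "mutual-auth"})),
]

if __name__ == "__main__":
    for data, src, dst, problem in findings(FLOWS):
        print(f"{data!r}: {src} -> {dst}: {problem}")
```

Run as a script, the model reports the unencrypted log flow, the administrator password sent to the jump host without mutual authentication, and the reporting export that reaches the Internal zone straight from the Internet. The point of encoding the diagram this way is that the policy and the adjacency list can be reviewed separately from the diagram, and the check reruns whenever a flow is added.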
Data flow diagrams are a good way of showing where security zones exist, what security controls are being used to enforce barriers around zones and where zone restrictions are inadequate. In the example data flow diagram, it should be obvious that the administrator password needs to be better protected outside the Corporate Security zone. Two-factor authentication, typically using one-time codes generated by a small hardware device, helps to limit risks related to password sniffing attacks.

Fault Trees

Fault Tree diagrams highlight single points of failure and support identification of potential unintentional threats of failure at business process, system, subsystem and component levels. They can also be used to identify faults which might affect other threat models.

Cyber Test Laboratories

The main advantage of using Cyber Test Laboratories (also called "Cyber Ranges" or "War Gaming" environments) is that synthetic test environments deliver a greater degree of fidelity and granularity than other threat modelling techniques. Greater realism in threat models, albeit more expensive and time-consuming to achieve, helps to accelerate technical learning about attack techniques and mitigations. Further advantages of Cyber Test Laboratories are that they:
- enable empirical exploration of threats, impacts and the effectiveness (or not) of various risk mitigation techniques;
- allow part or all of a live environment to be tested without risks to real data;
- have ongoing value in supporting production security incident response, incident recovery and investigation processes after systems have gone live.

How does Threat Modelling relate to Testing?

Most Threat Modelling can be considered a form of testing known as static analysis (review of designs and documentation rather than execution of the system) which quickly exposes actionable results. The cheapest and most effective testing is to learn from the mistakes which have already occurred elsewhere. Empirically reproducing known errors, except for teaching purposes, is not a good use of limited test resources. However, a Cyber Test Laboratory that allows realistic dynamic analysis of the security of complete systems before they are exposed to threats is an invaluable organisational asset.

Threat Matrices / Tables

Threat Matrices / Tables enable known relationships between threats, motivations, capabilities, compromise methods, impacts and controls (which may have been identified using other Threat Modelling techniques) to be recorded, summarised and tracked in a common format. They also:
- promote a structured approach to threat analysis;
- can be developed and reviewed easily;
- integrate well with other tabular project management and financial control techniques;
- do not require any specialised tools or infrastructure.
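The Attack Tree and Fault Tree formats described above share one structure: a tree of AND/OR nodes over leaf events. The following is an added example, not code from the original article or the thesis, that enumerates the minimal cut sets of such a tree and uses them in both ways. For an attack tree it finds the path with the lowest total attacker cost and the single control that blocks the most attack paths; for a fault tree it lists the single points of failure (cut sets of size one). The two trees, the cost figures and the control list are constructed for illustration and are not taken from the article.

```python
from dataclasses import dataclass, field
from itertools import product


@dataclass
class Node:
    name: str
    kind: str = "leaf"               # "leaf", "or" or "and"
    cost: float = 0.0                # leaves only: estimated attacker time/effort/money
    children: list = field(default_factory=list)


def leaf(name, cost=0.0):
    return Node(name, "leaf", cost)


def any_of(name, *children):         # OR node: achieved by any one child
    return Node(name, "or", children=list(children))


def all_of(name, *children):         # AND node: achieved only by every child
    return Node(name, "and", children=list(children))


def cut_sets(node):
    """All leaf combinations that achieve `node`, each as a frozenset of leaf names."""
    if node.kind == "leaf":
        return [frozenset([node.name])]
    if node.kind == "or":
        return [s for child in node.children for s in cut_sets(child)]
    if node.kind == "and":
        return [frozenset().union(*combo)
                for combo in product(*(cut_sets(c) for c in node.children))]
    raise ValueError(f"unknown node kind {node.kind!r}")


def minimal_cut_sets(node):
    """Cut sets that contain no smaller cut set, smallest first."""
    sets = set(cut_sets(node))
    minimal = [s for s in sets if not any(other < s for other in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


def leaf_costs(node, out=None):
    out = {} if out is None else out
    if node.kind == "leaf":
        out[node.name] = node.cost
    for child in node.children:
        leaf_costs(child, out)
    return out


def cheapest_attack(root):
    """(total cost, sorted steps) of the path a cost-minimising attacker prefers."""
    costs = leaf_costs(root)
    path = min(minimal_cut_sets(root), key=lambda s: sum(costs[n] for n in s))
    return sum(costs[n] for n in path), sorted(path)


def best_blocking_control(root, controls):
    """`controls` maps a control name to the leaf steps it blocks. A path is blocked
    if any of its steps is; return the control that blocks the most paths."""
    paths = minimal_cut_sets(root)
    blocked = {name: sum(1 for p in paths if p & steps) for name, steps in controls.items()}
    best = max(blocked, key=blocked.get)
    return best, blocked[best]


def single_points_of_failure(root):
    """Basic events that alone cause the top event of a fault tree."""
    return sorted(next(iter(s)) for s in minimal_cut_sets(root) if len(s) == 1)


# Constructed attack tree (illustrative costs): the goal is reading the customer database.
ATTACK_TREE = any_of(
    "Read customer database",
    leaf("SQL injection in web app", 2),
    all_of("Use stolen admin credentials",
           leaf("Phish administrator", 3), leaf("Bypass second factor", 8)),
    all_of("Hijack admin jump-host session",
           leaf("Phish administrator", 3), leaf("Exploit jump-host VPN", 6)),
    all_of("Physical theft",
           leaf("Enter server room", 10), leaf("Copy disk", 1)),
)

CONTROLS = {
    "Parameterised queries": {"SQL injection in web app"},
    "Security awareness training": {"Phish administrator"},
    "Full-disk encryption": {"Copy disk"},
}

# Constructed fault tree: the top event is the payment service being unavailable.
FAULT_TREE = any_of(
    "Payment service unavailable",
    all_of("Database cluster down", leaf("Primary DB fails"), leaf("Replica DB fails")),
    leaf("Single load balancer fails"),
    all_of("Both network links down", leaf("Link A fails"), leaf("Link B fails")),
    leaf("DNS misconfiguration"),
)

if __name__ == "__main__":
    print("cheapest attack:", cheapest_attack(ATTACK_TREE))
    print("control blocking most paths:", best_blocking_control(ATTACK_TREE, CONTROLS))
    print("single points of failure:", single_points_of_failure(FAULT_TREE))
```

Two things the output makes visible that the diagram alone does not: the cheapest path (SQL injection) is not the one the most valuable single control removes, because "Phish administrator" appears in two AND branches and blocking it closes both; and in the fault tree the redundant pairs disappear from the single-point-of-failure list while the lone load balancer and the DNS configuration remain. Cost figures and control coverage are the analyst's estimates, so the value of the exercise lies in arguing about those inputs, not in the arithmetic.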
Whichever Threat Modelling technique (or combination of techniques) is adopted, what is important and valuable about them is that they:
- can deliver high return on invested effort/time before any expenditure on design/implementation;
- aid identification of threat sources, threat targets and potential impacts;
- support understanding of root causes of risks;
- enable timely and accurate selection and implementation of appropriate mitigations;
- generate sensitive information which needs to be adequately protected.

Protecting Threat Model Inputs and Outputs against Threats

It is important that only trustworthy people are allowed to participate in threat modelling activities and that unauthorised attempts to access and/or change threat model information are detectable. Otherwise the loss of threat model information, or its unauthorised alteration, could have adverse long-term impacts. All Threat Modelling activities should ideally be performed within a security enclave, i.e., a location which is both physically and logically well protected.
What is Threat Intelligence?

Threat Intelligence is information about new and changing threats, including common attack patterns. Threat Intelligence may be provided in semi-structured (human readable) and/or highly structured (machine processable) formats. Threat intelligence may come from external sources, including trusted not-for-profit organisations such as MITRE, which publishes useful Threat Modelling resources such as the Common Attack Pattern Enumeration and Classification (CAPEC) taxonomy without charge. A number of companies also specialise in providing threat intelligence feeds as a commercial service. However, in many situations the best sources of threat intelligence are experienced and well-motivated insiders. People who really understand the organisation's processes and systems know what security controls exist and are often aware of ways in which security controls can be defeated or bypassed. Such internal stakeholders often prove the most valuable sources of actionable threat intelligence.

Where to begin with Threat Modelling?

A good starting point when developing threat models is to assemble a diverse group of trusted insiders in a workshop-format meeting, with experienced security consultants acting as facilitators. Key members of the organisation's leadership should be represented to make it clear that the activity of threat modelling is important and officially supported. Before attempting to model any actual threats, it can be helpful to perform a number of ice-breaker threat modelling practice activities. For example, workshop participants can try to develop a threat model for a particular subject (such as an account or personal medical records) using a particular presentation format. Scenarios may also be modified, e.g. assuming that the subject of the threat modelling activity belongs to a family member rather than to a stranger. The aim of initial informal threat modelling practice activities should be to stimulate confidence in the workshop participants that:
- the activity of threat modelling is not difficult;
- threat modelling can quickly identify novel attacks and mitigation opportunities.

How to develop a Threat Modelling culture?

To maximise the effectiveness of Threat Modelling, it needs to be integrated into the organisation's culture. The value of Threat Modelling is maximised when it takes full account of the enterprise context and is conducted with an appropriate balance of people, process and technology. There is no single approach to Threat Modelling which can fully deal with the vast range of different organisational, process and technical requirements. However, threat modelling activities are most likely to be successful when they are well integrated with closely related activities such as:
- Strategic Planning;
- Business Process Design/Engineering;
- Business Continuity and Disaster Recovery planning;
- Operational Risk management;
- Information Technology Service Management; and
- Information Security management.

The thesis on which this article is based contains a table summarising over 30 different Threat Modelling approaches in terms of their focus on:
- Attackers: including the identity, motivation and capability of attackers and analysis of common attack methods;
- Requirements: formal derivation of security protection needs from threat models;
- Design: including developing models which analyse technical vulnerabilities;
- Testing: including using threat models to improve the relevance and accuracy of positive and negative security tests;
- Operations: threat models which emphasise business information risks over technology risks;
- Impacts: including analysis of both the negative impacts of threats and the effectiveness of defences against threats.
This can provide a starting point for analysing an organisation's needs for Threat Modelling.

Conclusions

Threat modelling enables earlier identification of risks than is possible without the use of threat models. If organisations choose not to use Threat Modelling techniques, risks will still arise, but without any advance notice. Understanding the causes of risks well before they impact is a prerequisite for risk avoidance. Considering threats before risks occur also helps to identify adverse events which it would be difficult or time-consuming to recover from. Only by understanding the causes of risks is it possible to mitigate risks in a timely and cost-effective manner. More details about threat modelling in general, and about how threat models can be used to guide security testing of enterprise database systems and services in particular, can be found in the full thesis itself, which is published on the ISG's website.

Biographies

Tim Williams is an independent security consultant and part-time security researcher specialising in security architecture, software security and security testing. Over 25 years of varied work experience has exposed Tim to business and security issues in a range of industry sectors. Tim has been a member of the CESG Listed Advisers Scheme (CLAS) since 2009 and holds a number of other professional memberships and certifications. Since 2011, Tim has been an active volunteer for CESG as a member of the CLAS Policy and Tools Working Group, and for (ISC)² as a member of the examination boards for their CISSP, ISSEP, ISSAP, CCSP and HCISPP professional certifications. Tim is also the Events Coordinator for the recently-formed Thames Valley Chapter of (ISC)².

Dr Lorenzo Cavallaro is a Senior Lecturer of Information Security in the Information Security Group (ISG) at Royal Holloway, University of London. His research focuses largely on systems security. He founded and leads the recently-established Systems Security Research Lab (S2Lab) within the ISG, which focuses on devising novel techniques to protect systems from a broad range of threats, including those perpetrated by malicious software. In particular, Lorenzo's lab aims ultimately at building practical tools and providing security services to the community at large. In the past, Lorenzo was lucky enough to have the chance to work with a number of well-established groups (e.g., G. Vigna and C. Kruegel at UCSB, A. S. Tanenbaum and H. Bos at Vrije Universiteit, R. Sekar at Stony Brook University) during his postdocs and visiting PhD periods. He is currently PI and co-I on a number of research projects funded by EPSRC and EU FP7, publishing in top and well-known venues and serving as a program committee member for well-known conferences and workshops.
Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationCyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13
Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...
More informationThe problem with privileged users: What you don t know can hurt you
The problem with privileged users: What you don t know can hurt you FOUR STEPS TO Why all the fuss about privileged users? Today s users need easy anytime, anywhere access to information and services so
More informationIntroduction to Security
2 Introduction to Security : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l01, Steve/Courses/2013/s2/its335/lectures/intro.tex,
More informationHead of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2
Policy Procedure Information security policy Policy number: 442 Old instruction number: MAN:F005:a1 Issue date: 24 August 2006 Reviewed as current: 11 July 2014 Owner: Head of Information & Communications
More informationTHE HUMAN COMPONENT OF CYBER SECURITY
cybersecurity.thalesgroup.com.au People, with their preference to minimise their own inconvenience, their predictability, apathy and general naivety about the potential impacts of their actions, are the
More informationThreat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN
Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) Secappdev 2007 1 Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsoft s Threat Modeling Process
More informationCyber Essentials Scheme
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationWEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY
WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4
More informationTechnical Proposition. Security
Technical Proposition ADAM Software NV The global provider of media workflow and marketing technology software ADAM Software NV adamsoftware.net info@adamsoftware.net Why Read this Technical Proposition?
More informationSoftware Application Control and SDLC
Software Application Control and SDLC Albert J. Marcella, Jr., Ph.D., CISA, CISM 1 The most effective way to achieve secure software is for its development life cycle processes to rigorously conform to
More informationNetwork Security. Network Security Hierarchy. CISCO Security Curriculum
Network Security Network Security Hierarchy Material elaborat dupa: CISCO Security Curriculum Kenny Paterson s Lectures for: M.Sc. in Information Security, Royal Holloway, University of London 1 Objectives
More informationUF Risk IT Assessment Guidelines
Who Should Read This All risk assessment participants should read this document, most importantly, unit administration and IT workers. A robust risk assessment includes evaluation by all sectors of an
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationProcuring Penetration Testing Services
Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationdeveloping your potential Cyber Security Training
developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationWorking Practices for Protecting Electronic Information
Information Security Framework Working Practices for Protecting Electronic Information 1. Purpose The following pages provide more information about the minimum working practices which seek to ensure that
More informationDemonstrating Regulatory Compliance
White Paper Demonstrating Regulatory Compliance Simplifying Security Management November 2006 Executive Summary Increasingly, organizations throughout Europe are expected to comply (and to demonstrate
More informationComputer Security Lecture 13
Computer Security Lecture 13 Risk Analysis Erland Jonsson (based on material from Lawrie Brown) Department of Computer Science and Engineering Chalmers University of Technology Sweden Security Management
More informationAUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES
AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES Final Report Prepared by Dr Janet Tweedie & Dr Julie West June 2010 Produced for AGIMO by
More informationSpillemyndigheden s Certification Programme Information Security Management System
SCP.03.00.EN.1.0 Table of contents Table of contents... 2 1 Objectives of the... 3 1.1 Scope of this document... 3 1.2 Version... 3 2 Certification... 3 2.1 Certification frequency... 3 2.1.1 Initial certification...
More informationSPEAR PHISHING UNDERSTANDING THE THREAT
SPEAR PHISHING UNDERSTANDING THE THREAT SEPTEMBER 2013 Due to an organisation s reliance on email and internet connectivity, there is no guaranteed way to stop a determined intruder from accessing a business
More informationSOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness
SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper Safeguarding data through increased awareness November 2015 1 Contents Executive Summary 3 Introduction 4 Martime Security 5 Perimeters Breached
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationBlackBerry 10.3 Work and Personal Corporate
GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network
More informationControl Matters. Computer Auditing. (Relevant to ATE Paper 8 Auditing) David Chow, FCCA, FCPA, CPA (Practising)
Computer Auditing Control Matters (Relevant to ATE Paper 8 Auditing) David Chow, FCCA, FCPA, CPA (Practising) The introduction of a computerized or electronic data processing (EDP) accounting system has
More informationAdversary Modelling 1
Adversary Modelling 1 Evaluating the Feasibility of a Symbolic Adversary Model on Smart Transport Ticketing Systems Authors Arthur Sheung Chi Chan, MSc (Royal Holloway, 2014) Keith Mayes, ISG, Royal Holloway
More informationDeveloping the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009
Developing the Corporate Security Architecture www.avient.ca Alex Woda July 22, 2009 Avient Solutions Group Avient Solutions Group is based in Markham and is a professional services firm specializing in
More informationA8.1 Asset Management Responsibility for assets: To identify organisational assets and define appropriate protection responsibilities.
A8.1 Asset Management Responsibility for assets: To identify organisational assets and define appropriate protection responsibilities. 8.1.1 Inventory of assets. Tripwire IP360 provides comprehensive host
More informationFedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov
FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the
More informationWhite Paper. The benefits of a cloud-based service for web security. reducing risk, adding value and cutting costs
White Paper The benefits of a cloud-based service for web security A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 By using a service based in the cloud, protection against
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationA PRACTICAL APPROACH TO INCLUDE SECURITY IN SOFTWARE DEVELOPMENT
A PRACTICAL APPROACH TO INCLUDE SECURITY IN SOFTWARE DEVELOPMENT Chandramohan Muniraman, University of Houston-Victoria, chandram@houston.rr.com Meledath Damodaran, University of Houston-Victoria, damodaranm@uhv.edu
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationCompliance Guide: ASD ISM OVERVIEW
Compliance Guide: ASD ISM OVERVIEW Australian Information Security Manual Mapping to the Principles using Huntsman INTRODUCTION In June 2010, The Australian Government Protective Security Policy Framework
More informationData Management & Protection: Common Definitions
Data Management & Protection: Common Definitions Document Version: 5.5 Effective Date: April 4, 2007 Original Issue Date: April 4, 2007 Most Recent Revision Date: November 29, 2011 Responsible: Alan Levy,
More informationBio-inspired cyber security for your enterprise
Bio-inspired cyber security for your enterprise Delivering global protection Perception is a network security service that protects your organisation from threats that existing security solutions can t
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationHIPAA Security. 6 Basics of Risk Analysis and Risk Management. Security Topics
HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical
More informationLevel 3 Cambridge Technical in IT 05839/ 05840/ 05841/ 05842 Unit 3 Cyber security. Date Morning/Afternoon Time Allowed: 1 hour
SAMPLE ASSESSMENT MATERIAL Level 3 Cambridge Technical in IT 05839/ 05840/ 05841/ 05842 Unit 3 Cyber security Date Morning/Afternoon Time Allowed: 1 hour You must have: The Insert (clean copy case study)
More informationUsing an Open Source Threat Model for Prioritized Defense
SESSION ID: STR-R04 Using an Open Source Threat Model for Prioritized Defense James Tarala Principal Consultant Enclave Security @isaudit Problem Statements In information assurance today, there are no
More informationAppendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises
Appendix Key Areas of Concern i. Inadequate coverage of cybersecurity risk assessment exercises The scope coverage of cybersecurity risk assessment exercises, such as cybersecurity control gap analysis
More informationInformation Security Awareness Training
Information Security Awareness Training Presenter: William F. Slater, III M.S., MBA, PMP, CISSP, CISA, ISO 27002 1 Agenda Why are we doing this? Objectives What is Information Security? What is Information
More informationCyril Onwubiko Networking and Communications Group http://ncg. ncg.kingston.ac.
Cyril Onwubiko Networking and Communications Group http://ncg ncg.kingston.ac..ac.uk http://ncg.kingston.ac.uk +44 (0)20 8547 2000 Security Threats & Vulnerabilities in assets are two most fundamental
More informationHow small and medium-sized enterprises can formulate an information security management system
How small and medium-sized enterprises can formulate an information security management system Royal Holloway Information Security Thesis Series Information security for SMEs Vadim Gordas, MSc (RHUL) and
More informationStay ahead of insiderthreats with predictive,intelligent security
Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent
More informationG- Cloud Specialist Cloud Services. Security and Penetration Testing. Overview
Description C Service Overview G- Cloud Specialist Cloud Services Security and Penetration Testing This document provides a description of TVS s Security and Penetration Testing Service offered under the
More informationPass-the-Hash. Solution Brief
Solution Brief What is Pass-the-Hash? The tools and techniques that hackers use to infiltrate an organization are constantly evolving. Credential theft is a consistent concern as compromised credentials
More informationHow To Protect The Railway From Attack
FOCUS Security Research projects No 1 - November 2014 In its role as technical platform and forum for gathering and expressing members ideas, UIC is able to synthesise these research needs, along with
More informationGuidance on Risk Analysis Requirements under the HIPAA Security Rule
Guidance on Risk Analysis Requirements under the HIPAA Security Rule Introduction The Office for Civil Rights (OCR) is responsible for issuing annual guidance on the provisions in the HIPAA Security Rule.
More informationModule 1: Introduction to Designing Security
Module 1: Introduction to Designing Security Table of Contents Module Overview 1-1 Lesson 1: Overview of Designing Security for Microsoft Networks 1-2 Lesson 2: Introducing Contoso Pharmaceuticals: A Case
More informationENSURING SECURITY IN AND FACILITATING INTERNATIONAL TRADE. Measures toward enhancing maritime cybersecurity. Submitted by Canada SUMMARY
E FACILITATION COMMITTEE 39th session Agenda item 7 FAL 39/7 10 July 2014 Original: ENGLISH ENSURING SECURITY IN AND FACILITATING INTERNATIONAL TRADE Measures toward enhancing maritime cybersecurity Submitted
More informationInternal Audit Progress Report Performance and Overview Committee (19 th August 2015) Cheshire Fire Authority
Internal Audit Progress Report (19 th August 2015) Contents 1. Introduction 2. Key Messages for Committee Attention 3. Work in progress Appendix A: Risk Classification and Assurance Levels Appendix B:
More information8/27/2015. Brad Schuette IT Manager City of Punta Gorda bschuette@pgorda.us (941) 575-3354. Don t Wait Another Day
Brad Schuette IT Manager City of Punta Gorda bschuette@pgorda.us (941) 575-3354 2015 FRWA Annual Conference Don t Wait Another Day 1 SCADA Subsystems Management Physical Connectivity Configuration Mgmt.
More information