Data breaches cost companies USD 8.64 million on average (Johnson, 2021), but many companies report they don’t have adequate protection against these vulnerabilities because there aren’t enough IT security professionals to help. The shortage of cybersecurity professionals leaves these organizations vulnerable to costly data breaches.
Threat modeling is a technique cybersecurity professionals use to identify security vulnerabilities in a company’s IT infrastructure and develop techniques to protect its resources. This guide explores cyber threat modeling and explains which threat modeling skills and tools companies need most.
How Cybersecurity Professionals Use Threat Modeling
Cyberattacks are getting more sophisticated and causing more damage to companies’ systems daily. Security professionals use a structured process to identify the threats that plague organizations.
A threat intelligence professional aims to identify potential cyberthreats and determine their impact. Once the threat intelligence analyst has this information, they can strategize how to prevent each type of attack. Security teams use threat modeling to identify the areas of the organization’s systems and networks most vulnerable to attack.
The Cyber Threat Modeling Process
Cybersecurity professionals must meet several objectives to evaluate whether they’ve successfully mitigated a risk.
Define Scope
Determining scope helps narrow the focus to a specific area. Attempting to tackle too broad an area may cause analysts to miss vulnerabilities. Often, analysts focus on one or two areas of the system at a time.
Decompose the System
The threat analysis itself starts with decomposing the system. Security analysts must understand every event or action in the system. Their research highlights the following information.
External Dependencies
External dependencies represent systems outside the target system. For example, an external dependency could be:
- A system within the organization, such as a customer relationship management or human resources information system
- A system at a third-party vendor or business partner that provides information to the target system, such as updated information from a supplier’s inventory database
Entry and Exit Points
Entry points represent the specific locations where an attacker could enter the system. An example entry point is input fields on a web form. Exit points define where data leaves the system. Entry and exit points define what is known as the “trust boundary.”
Assets
When an attacker targets a system, they often have a goal— access to a particular organizational asset. For example, a malicious hacker may want a list of a company’s customers and each customer’s personal information.
Trust Levels
Trust level represents specific access rights for the system. Threat intelligence analysts cross-reference these access rights against the entry and exit points. This enables them to see what privileges an attacker needs to interact with to access the asset.
Data Flow
Threat intelligence professionals create data flow diagrams to obtain a high-level picture of the path of information as it flows through the system. These diagrams show analysts what happens to the data at each step.
Identify Threats
At this stage, the analyst chooses a threat model. A threat model represents the process analysts use to pinpoint weak spots in the system. Two of the most common threat models are:
- STRIDE. The STRIDE model—an acronym for six threat categories (Spoofing identity, Tampering with data, Repudiation of threat, Information disclosure, Denial of service, and Elevation of privilege)—applies a general set of rules to evaluate a system and identify common vulnerabilities (Geib et al., 2022).
- Attack trees. Attack trees represent a graphical way of attacking a system in tree form. The root is the goal, and leaves are possible methods of achieving that goal. Each branch represents a separate attack.
List and Prioritize Threats
In this stage, the analyst creates a list of threats based on the risks the threat modeling identifies. Each risk represents what the company must fix to secure the system.
Mitigate Risk
Cybersecurity professionals share the list created in the previous step with the appropriate parties in the organization to mitigate risks. Common fixes include:
- Operating system updates
- Code changes
- Hardware updates for the network
Validate Outcomes
After addressing risks, the analyst verifies that the solutions work. They perform another evaluation of the system to confirm the results.
Threat Modeling Tools
Manual threat modeling is generally too time-consuming for threat intelligence analysts. Instead, they rely on cyber threat modeling tools to speed up the process. These tools make the process more efficient and create accurate outcome documentation. Analysts have a variety of options for tools to help with this process.
Cairns
Cairns is a web-based tool that enables users to create attacker personas. The persona includes information such as attack goals, resources the hacker may use, and possible attack paths. The tool automatically spots attack patterns and recommends mitigation strategies.
IriusRisk
IriusRisk is a questionnaire-based system that asks analysts questions to collect data about the system. IriusRisk uses the information from the questionnaire to create a list of potential threats, including suggested mitigation strategies for each threat. IriusRisk integrates with issue trackers such as Jira and Continuous Integration/Continuous Delivery tools to run as a part of a DevOps pipeline.
Threagile
Threagile is an integrated developer environment (IDE) tool. It focuses on threat modeling at the coding level. Developers input infrastructure information and risk rules into the tool. Threagile generates models that identify potential weak points. That way, developers can address these weak points before releasing code.
From 2020 to 2021, deployment of security technologies rose from 15% to 84% in response to the rise in security threats (Gartner, 2021). This increased investment signals the strong demand for trained threat intelligence professionals equipped to address cyberthreats.
Investing in cybersecurity training is important for success in this field.
References
Gartner. (2021, September 13). Gartner survey reveals talent shortages as the biggest barrier to the adoption of emerging technologies [Press release]. https://www.gartner.com/en/newsroom/press-releases/2021-09-13-gartner-survey-reveals-talent-shortages-as-biggest-barrier-to-emerging-technologies-adoption
Geib, J., Berry, D., Baldwin, M., & Kess, B. (2022, January 2). Microsoft Threat Modeling Tool threats. Microsoft Azure Secure Development Documentation. https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats
Johnson, J. (2021, November 15). Average organizational cost to a business in the United States after a data breach from 2006 to 2020. Statista. https://www.statista.com/statistics/273575/average-organizational-cost-incurred-by-a-data-breach/
About the Author
Jory is a seasoned writer specializing in content strategy and content writing for IT and SaaS companies around the globe.
More Articles Like This
