Threat modelling 101

Blog provided by Electric Kitten

At its most basic level, threat modelling is the process of going through all IT systems in an organization, listing threats, and coming up with mitigations. In a sense, it is about identifying all possible issues and putting things in place to make sure you can recover quickly or prevent them altogether. Let’s look at a more detailed version of the process.

Step 1

The most important part of the process is identifying all systems. If you miss one, you leave a potential gap for future failure that can affect one or more of your other systems. Part of how you negate that risk is to include people from all departments as part of the first step. The systems in question can be internal or external, physical, or virtual, hardware or software. Get this step right and this process will be a success.

Step 2

Now that you have a list of systems, start looking at all the threats and risks associated with that system. You could have a web app to handle transport requests. That could potentially be attacked, hacked, or defaced. Those could be three different threats for each with the result being a denial of service.

Step 3

Now that you have a list of threats, start putting mitigations next to those. If you have mitigations in place, that is great, if not list possible mitigations. When organizations do this process the first time, the list can be quite large, so it is important to prioritize your mitigations. Commercial enterprises can assign dollar values to the threats to make it easier and less political when assigning priorities.

If you’re looking for colocation or server hosting in Los Angeles, contact Electric Kitten. For almost two decades, they have provided reliable colocation service, along with other web hosting options such as shared hosting and dedicated servers. Their colocation clients will have access to a state-of-the-art SAS-70 facility located in the One Wilshire Building in Los Angeles. Their hi-tech setup will ensure you recover quickly and efficiently from any technical disasters that may happen. For more information, call them today at 877-821-HOST or email them at sales@electrickitten.com.