Cyber Risk Management

Attack Surface Analysis the key to Cyber Risk Management

The role of the CISO is continuing to evolve. Originally CISOs were expected to be tech-savvy security subject matter experts. Today organizations are requiring their CISOs to be business-savvy experts at cyber risk management also. Singularly either one of these functions would constitute a full-time challenge. In combination, they would drive even the most proficient[…]

Cloud Platform Threat Modeling - AWS Threat Model

AWS Cloud Platform Threat Modeling Reduces Risk

In a continuous push for competitive advantage, cost benefits, and the ability to focus more on their core competencies, organizations are increasingly migrating critical applications and data centers to a cloud environment. According to leading cloud service provider Amazon Web Services (AWS), one of the top three concerns of moving to the cloud is security.[…]

Evolution of Threat Modeling Infographic

The Evolution of Threat Modeling

Threat modeling is all about looking at potential threats from the attacker’s point of view so that those responsible for mounting a defense can prioritize their resources and prepare appropriate responses. Where are the high-value assets? What is the attack surface? What are the potential threats? What are the otherwise unnoticed attack vectors? Military strategists[…]

3 Pillars of a Scalable Threat Modeling Practice - Diagram

Three Pillars of a Scalable Threat Modeling Practice

When threat modeling first moved from theory to application in the early 2000s, completing one model for every 40 hours of personnel resource was considered acceptable. However, now that regulatory pressures and financial consequences are pushing threat modeling into the information security mainstream, organizations are discovering the practical limitations of their traditional threat modeling process.[…]