Applications are not always stand-alone. On the contrary: they are mostly part of an ecosystem of applications. You need to find out how it works and how it supports your organisation. You also need to have a clear understanding of the security requirements. You should, for example, know what other applications or services the application is exchanging information with.
The business context
What business process is being performed or supported? What are the characteristics of that specific process? And how crucial is that process for your business?
You also need to find out who is using the application and identify possible threat actors. In most cases, they fall into one of the following categories:
- Insider trusted: privileged users
- Insider untrusted: very regular users, contractors …
- External trusted: suppliers, partners, service providers …
- External untrusted: competitors, cybercriminals …
Eventually, you need to identify risks for your business: what is the impact and what is the probability that a certain risk will occur?
The added value of threat modeling
Threat modeling is quite time-consuming and thus expensive. It is therefore only relevant for important applications: those that bring in a lot of revenue or handle important data for your organization.
Create doomsday scenarios
Doomsday scenarios are hypothetical situations: the worst that could happen for an application – and for your business. Creating doomsday scenarios helps you to proactively anticipate – and even prevent – possibly catastrophic events.
You need to describe the following:
- Threat sources: who would be interested in compromising the applications? Why would this be interesting for an attacker?
- Impact: what will be the impact of an attack? Some of the possibilities are theft, loss, corruption and disruption.
- How: how will the scenario be realized? Describe in detail how the attack would be performed.
Could you use some more explanation?