Week -5

Threat model process 

Cybr-650

Identify system to be assessed – The first step of managing threats and the risk is to identify which system needs to be assessed. It needs to be done when you are assessing new assets to be added to the environment.

Gather system information: During to the first step, we identify system and on this process the information is gathered regarding the systems that need to be assessed. Information gathered document needs to be checked in a document repository. The process we can use it is called “Brainstorming” during this process to collect the information.

Identify/Review-Before we go to this process, we will identify system and gather system information, then after threat and vulnerabilities are identified from this step. This process helps to identify and provide detail information about Threat and Vulnerability. The collected information is also further reviewed. After Reviewed we can validate the threat and vulnerabilities on the database of national vulnerabilities and antivirus.

Document Information. On this process, information is collected from the previous steps and then documented properly. We can use the tool called “Microsoft Threat Modeling Tool”. This is a tool will help to retrieve the information if it is needed for review or analysis for in future.  Physical, logical and data flow system information is also documented on this tool.

Risk Categorization: On this process, we categorized the information using the security risk analysis. Companies have different policies and procedures. They need to check the risk according to the company policies and procedures and the company standard. Threat categorization will help to categorization and identify it systematically in structured. We can figure it out will the help to risk management team whether to accept the risk or transfer the risk.

Implementation and control: After risk categorization step is completed then threat and vulnerabilities countermeasures are implemented per risk category. After the threat impacts are understood by the team of the company, they should try to identify countermeasures that could be prevented threats from causing the impacts. The team, who is working on an issue, they need to ensure the suggested countermeasures work properly.

Evaluate Control: After Implementation is completed.it will require validation. After validation is made control needs to be evaluated time to time.

The process should be repeated if there are new vulnerabilities or threats, so the process won’t end.