Threat Modeling: Protecting Yourself Before You Get Attacked
Recently, we’ve seen a lot of breaches at prominent companies. It may be weighing on your mind that the data you stored with these companies may have been compromised. After all, your data has a greater potential to be compromised since hackers now have access to very sophisticated and advanced hacking tools. And that seemingly harmless update that you downloaded a few months back might have introduced malware into your work laptop, personal computer, or other important devices. It might be difficult to safeguard your data now that it has been compromised. However, you can do something to protect yourself before this happens again: follow threat modeling principles.
Table of Contents
- What is Threat Modeling?
- How should I realize where I’m vulnerable?
- How do I assess the likelihood of threat vectors?
- How do I determine the probability that my data will get targeted?
- Are there any Threat Modeling tools?
What is Threat Modeling?
Threat modeling is a system in which you protect yourself against potential threats by identifying where you’re most vulnerable, assessing the likelihood of attack vectors, and determining the probability that your data will get targeted. Although that might seem like a lot to digest, you probably incorporate some parts of this process into your daily life. You might avoid dark alleys while walking at night. You might decide to wear a mask to decrease your likelihood of catching COVID-19. From a technological standpoint, it may be as simple as choosing a more secure password. Either way, by making decisions such as these, you are safeguarding yourself and preventing yourself from getting attacked in the first place.
How should I realize where I’m vulnerable?
An important aspect of threat modeling is keeping an eye out for potential threats. Since a threat involves unapproved users seeing your private information and applications, a threat can range from a simple phishing email to a DDoS attack on your site. Considering all the possible entry points from the beginning will help you understand your exposure and decrease your data’s chances of getting breached. If you’re concerned about your company’s unknowns and would like some help, we offer a free AWS security self-assessment. We also offer an enterprise security gap analysis that can help clarify your security.
When you figure out the entry points in your environment, addressing the most vulnerable areas is essential. You wouldn’t want to find a place to eat before going to the nearest hospital if you got hit by a car. So why would you prioritize creating company guidelines for co-working and shared spaces before defining data ownership?
How do I assess the likelihood of threat vectors?
Threat vector is an umbrella term for the entry points in your security. There are several types, most of which you have hopefully identified in the previous step. At this stage, you’re determining the likelihood of these entry points getting breached rather than defining how important the insecure data is. If you are aiming to secure threat vectors individually rather than decreasing the attack surface as a whole, one way of determining the likelihood is by figuring out each entry point’s security. Outlining each entry point’s security can help you prioritize which point to strengthen first. Here are some points to consider:
- Are your usernames and passwords exposed? Are your passwords easy to guess?
- Is there potential that an employee at your company might misuse sensitive data for malicious intent?
- What are the chances that someone in your household might accidentally download malware?
In general, determining an attack’s probability depends primarily on keeping the attack surface as small as you can while maintaining a healthy security posture. Ensuring proper encryption, strengthening credentials, and keeping a lookout for suspicious activity are examples of ways to decrease the likelihood of those threat vectors.
For more information on common cyber-attack vectors and what you can do to avoid them, here are some resources:
- 8 Common Cyber Attack Vectors and How to Avoid Them
- What is an Attack Vector? Common Attack Vectors
- Most common attack vector over Critical Infrastructures
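As an added illustration (not part of the original article), the sketch below ranks entry points by likelihood so you can see which one to strengthen first. The weakness names mirror the checklist questions above; the probabilities, the reduction factors, and the sample inventory are assumed values constructed for the example, not measurements.

```python
from dataclasses import dataclass, field

# Assumed yearly chance that each weakness leads to a breach (illustrative only).
WEAKNESS_P = {
    "credentials_exposed": 0.30,
    "guessable_password": 0.20,
    "insider_misuse": 0.05,
    "accidental_malware": 0.10,
}

# Assumed fraction of likelihood removed by each mitigation named in the text.
CONTROL_REDUCTION = {
    "encryption": 0.30,
    "strong_credentials": 0.50,
    "monitoring": 0.25,
}

@dataclass
class EntryPoint:
    name: str
    weaknesses: list = field(default_factory=list)
    controls: list = field(default_factory=list)

def likelihood(ep):
    """Chance that at least one weakness is exploited, scaled down by controls."""
    p_none = 1.0
    for w in ep.weaknesses:
        p_none *= 1.0 - WEAKNESS_P[w]      # probability this weakness is NOT used
    p = 1.0 - p_none                        # several small weaknesses compound
    for c in ep.controls:
        p *= 1.0 - CONTROL_REDUCTION[c]
    return round(p, 3)

def rank(entry_points):
    """Most likely entry point first: the one to strengthen first."""
    return sorted(entry_points, key=likelihood, reverse=True)

# Constructed sample inventory (hypothetical entry points).
INVENTORY = [
    EntryPoint("customer database", ["insider_misuse", "guessable_password"],
               ["encryption", "strong_credentials"]),
    EntryPoint("shared family laptop", ["accidental_malware"]),
    EntryPoint("work email", ["credentials_exposed", "guessable_password"],
               ["monitoring"]),
]

if __name__ == "__main__":
    for ep in rank(INVENTORY):
        print(f"{likelihood(ep):.3f}  {ep.name}")
```

The score covers likelihood only; how important the data behind each entry point is remains a separate judgment.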
How do I determine the probability that my data will get targeted?
Although it’s hard to put a real number on it since there isn’t consistent data, the chances of a company getting breached in a year are fairly low, depending on the company and whether it has been breached before. Assessing what might incentivize a malicious attacker to want your data is a significant factor.
If you or your company is relatively small and doesn’t have many assets, the chances of getting hacked would generally be lower than for a prominent, wealthy company or individual. Additionally, your company’s reputation plays a role. If your company is known for collecting personal information, is involved in finances, or is known for having questionable ethics, the likelihood of your company getting targeted increases. Likewise, if you have a substantial social media presence, you’re more likely to get attacked.
Are there any Threat Modeling tools?
There are a couple of software tools available to help you get started with threat modeling. As security should be available for all, I have included several open source and free tools:
Determining where you’re most vulnerable, how you might get attacked, as well as the possibility of you getting attacked will help prevent your data from getting breached in the first place. Although it’s hard to judge the exact likelihood of your data getting hacked, having a rough estimate can prevent surprises. Additionally, keeping in mind the different access points as well as the many methods that malicious actors might use helps. In other words, having some sort of strategy is better than having none when it comes to your security.