Threat modeling is an effective way to discover threats and vulnerabilities, when it comes to the domain of cybersecurity, IT governance, risk management, regulatory compliance, threat and vulnerability management. And there are a lot of tools used to threat model. However, there are common mistakes people make in threat modeling. Here is a list of these common mistakes to avoid.
It is a good strategy to think like an attacker, and it may reduce the harm by predicting what an attacker may do. But it shouldn’t always be used. There are a lot more strategies that can be used. And you can choose which strategy to use based on the situation. Do not stick to one strategy. Attacker -centric may be useful for ethical hacking and red team operations, but if you are doing holistic at high level, you may be required to add in a related framework or build your own threat model that takes all your actual organization environment and system variables in consideration.
Thinking that you should do threat modeling only one time is a big mistake. Threat modeling is a continuous process that has no end. And that’s because threats and vulnerabilities never end. And we should always be aware of them. It is always a good practice to set the time in future or when the major change in the organization, like infrastructure, system and application change, quickly to review and update respective potential risk, attack path, security controls to make sure your threat model continues to be relevant and up to date.
Even though a specific background in software development and systems security is required, with training, anyone can do threat modeling. Effective threat model is always the one built from internal and takes in consideration from all the stakeholder inputs, and it will be surprising business groups and users may provide insight and new perspective technical groups and users are always overlooked.
Threat modeling should always be done in the early stages of the design process. Doing threat modeling in the early stages helps in reducing the cost and time of security. Also, it provides a clear vision of what vulnerabilities and threats the system has. Threat modeling in the late stages will cost more since you can’t mitigate the threats. So, always make sure to do threat modeling in the early stages. At the minimum, it is always required to have threat modeling before technical vulnerability management.
A lot of time, if not all the time, a failed threat model is a consequence of focusing on the wrong points. Such as focusing on the less harming asset. So, it is important to know which point we should focus on and why exactly. This is often the result of not doing a good asset discovery, identification, prioritization in the very beginning.
We have mentioned a few common mistakes usually made in threat modeling. These common mistakes are: Always thinking like the attacker, Threat modeling is a one time process, Only experts can do threat modeling, Threat modeling in late stages, and Focusing in the wrong place. Make sure to avoid them to get better results on your threat model. Feel free to contact E-SPIN for your cybersecurity management, from project to operations, from providing consultancy to fine tuning the process, procedure to supply the right product, system and solution to meet current and future organization needs and requirements.
