Security Consulting and Strategic Research

Slides:

Advertisements

Similar presentations

TECH Project Company X Documentation Plan Champion/Define Phase

Advertisements

Test Automation Success: Choosing the Right People & Process

Risk Assessment What is RISK?  requires vulnerability  likelihood of successful attack  amount of potential damage Two approaches:  threat modeling.

Bridging the gap between software developers and auditors.

HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

Accounting Information Systems Chapter Outlines

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Bureau of Workers’ Comp PA Training for Health & Safety (PATHS)

Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd ( A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, Kuala Lumpur,

Security Risk Management Paula Kiernan Ward Solutions.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Revised Change, Configuration, Release (CCR) Rollout Overview

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

1 Industrial Design of Experiments STAT 321 Winona State University.

SEC835 Database and Web application security Information Security Architecture.

The Evergreen, Background, Methodology and IT Service Management Model

BA 378: Accounting Information Systems Instructor: Dr. James R. Coakley.

Architecting secure software systems

Arizona Department of Education Superintendent John Huppenthal Mark Masterson, CIO Pamela Smith, AELAS Program Director Mark Svorinic, AZ-SLDS Program.

Information Systems Security Computer System Life Cycle Security.

N-Wave Shareholders Meeting May 23, 2012 N-Wave Security Update Lisa

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

Security is not just… 1 A Compliance Exercise Certification and Accreditation FISMA.

Project Scope Management Information Technology Project Management, Fifth Edition Note: some slides have been removed from the author’s original presentation.

Introducing Project Management Update December 2011.

What Can Go Wrong During a Pen-test? Effectively Engaging and Managing a Pen-test.

Theories of Agile, Fails of Security Daniel Liber CyberArk.

What is RISK?  requires vulnerability  likelihood of successful attack  amount of potential damage Two approaches:  threat modeling  OCTAVE Risk/Threat.

Chapter 1: Security Governance Through Principles and Policies

Risk Controls in IA Zachary Rensko COSC 481. Outline Definition Risk Control Strategies Risk Control Categories The Human Firewall Project OCTAVE.

Primary Steps for Achieving ISO Certification.

For more course tutorials visit

For More Best A+ Tutorials CMGT 400 Entire Courses (UOP Course) CMGT 400 Week 1 DQ 1 (UOP Course)  CMGT 400 Week 1 Individual Assignments.

Snowfensive At Snowfensive.com, we provide specialized cyber security risk assessments for organizations. We also give security awareness training for.

Introduction and implementation OWASP Risk Rating Management

Rapid Launch Workshop ©CC BY-SA.

ATS Service Assurance Suite presentation

Risk Management.

MANAGEMENT of INFORMATION SECURITY, Fifth Edition

Agenda Control systems defined

Evaluating Existing Systems

COMP3357 Managing Cyber Risk

Staff Family Day: understanding safe road use

Evaluating Existing Systems

COST BENEFIT ANALYSIS OF IMPROVED PATCHING WINDOW USING FAIR

EOB Methodology Overview

Hyper-V Cloud Proof of Concept Kickoff Meeting <Customer Name>

Description of Revision

The Key to Hiring Excellence “The act of working together to achieve a common purpose.” —Oxford Dictionary.

CIS 333 Competitive Success/snaptutorial.com

CIS 333Competitive Success/tutorialrank.com

BIS 320 NERD Perfect Education/ bis320nerd.com.

CIS 333 Education for Service-- snaptutorial.com.

CIS 333 RANK Perfect Education/ cis333rank.com.

CIS 333 RANK Lessons in Excellence-- cis333rank.com.

CIS 333 Education for Service-- tutorialrank.com.

CIS 333 RANK Education for Service-- cis333rank.com.

CIS 333 Teaching Effectively-- snaptutorial.com

GlobAL Public Procurement Conference September 2018

Shifting Security Left

Add Engineering Value to your Project through BIM Preconstruction Services Preconstruction Services BIM Engineering U.S., L.L.C. – Best Preconstruction.

Employee engagement Delivery guide

Chris Romano Andrew Shepardson IA 456

Albeado - Enabling Smart Energy

Executive Project Kickoff

{Project Name} Organizational Chart, Roles and Responsibilities

Six Sigma Introduction 1 1.

Presentation transcript:

Security Consulting and Strategic Research Threat Modeling Jeffrey A. Ingalsbe Security Consulting and Strategic Research Ford Motor Company (313) 390-9278 jingalsb@ford.com

The Problem(s) Security was viewed as IT’s responsibility Security was viewed as an add-on or a burden Internal Business customers were adversarial Internal Business customers were absent Auditability of the sdlc was poor The same vulnerabilities kept were not going away There was no “dial” for controls It was difficult to talk to lawyers about risk The intranet was considered “safe” Employees were “trusted” NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

One Solution: Threat Modeling Threat Modeling is : A repeatable process Collaborative Proactive Executed during the design phase (mostly) Risk quantifying Business empowering Awareness raising NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Ford’s Journey Piloted Microsoft’s TAM tool in 2005 Rolled out Threat Modeling as a service in 2007 Launched “Fast Pass” Threat Modeling in 2008 Piloting Microsoft’s SDLTM tool in 2009 NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Terms Model: Representation of reality constructed using Roles, Data, and Components, used to build Use Cases, generate Threats, and analyze Risk, and develop a Risk response. Use Case: Not a UML use case. A higher level interaction between people and the components of your system involving data to achieve some business objective. Threat: Potential unintended event which may occur within a use case. There are three kinds of threats according to the Microsoft tools: threats to Confidentiality , threats to Integrity, and threats to Availability. NOTE: A threat doesn’t have to be malicious! Risk: The aggregate of discoverability, reproducibility, exploitability, affected users, and damage potential (DREAD). Risk Response: Planned action to address risk. You can Reduce, Transfer, Avoid, Accept. NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Participants Business owners First and foremost SMEs Architects Developers Application owners Infrastructure owners IT Security Threat modelers CIRT Forensics Encryption Authentication NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Time Commitment Minimum Maximum 7 calendar days 3 half-day meetings with the entire team 2 full-days of work for security members Maximum 4 to 6 calendar weeks 4 to 6 half day meetings with the entire team 1 or 2 full-days of work for security members NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Process Identify business objectives Set scope Construct model Roles Data Compnents Use cases Generate threats Analyze threats Determine Risk Responses Report out Improve process NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Process NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Results Used threat modeling to reduce risk on strategically important IT projects. Saved significant calendar time on processing launch related IT work. Optimized process and applied to pilots, PoCs, and processes. Raised awareness on risk-based decision making. Taught people to fish. Moved the needle with several important business customers (specifically the OGC). NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).

Security Consulting and Strategic Research Questions Jeffrey A. Ingalsbe Security Consulting and Strategic Research Ford Motor Company (313) 390-9278 jingalsb@ford.com NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).