1
Threat Modeling
Jeffrey A. Ingalsbe
Security Consulting and Strategic Research
Ford Motor Company
(313)
2
The Problem(s)
  Security was viewed as IT’s responsibility
  Security was viewed as an add-on or a burden
  Internal Business customers were adversarial
  Internal Business customers were absent
  Auditability of the SDLC was poor
  The same vulnerabilities were not going away
  There was no “dial” for controls
  It was difficult to talk to lawyers about risk
  The intranet was considered “safe”
  Employees were “trusted”
NOTES: Refer to avoidance of re-work (last bullet) is applied at optimal point in development process. Contrast with penetration testing and security assessments (both occurring later in the process).
3
One Solution: Threat Modeling
Threat Modeling is:
  A repeatable process
  Collaborative
  Proactive
  Executed during the design phase (mostly)
  Risk quantifying
  Business empowering
  Awareness raising
4
Ford’s Journey
  Piloted Microsoft’s TAM tool in 2005
  Rolled out Threat Modeling as a service in 2007
  Launched “Fast Pass” Threat Modeling in 2008
  Piloting Microsoft’s SDLTM tool in 2009
5
Terms
  Model: Representation of reality constructed using Roles, Data, and Components, used to build Use Cases, generate Threats, analyze Risk, and develop a Risk Response.
  Use Case: Not a UML use case. A higher-level interaction between people and the components of your system involving data to achieve some business objective.
  Threat: Potential unintended event which may occur within a use case. There are three kinds of threats according to the Microsoft tools: threats to Confidentiality, threats to Integrity, and threats to Availability. NOTE: A threat doesn’t have to be malicious!
  Risk: The aggregate of discoverability, reproducibility, exploitability, affected users, and damage potential (DREAD).
  Risk Response: Planned action to address risk. You can Reduce, Transfer, Avoid, Accept.
6
Participants
  Business owners
    First and foremost
  SMEs
    Architects
    Developers
    Application owners
    Infrastructure owners
  IT Security
    Threat modelers
    CIRT
    Forensics
    Encryption
    Authentication
7
Time Commitment
  Minimum
    7 calendar days
    3 half-day meetings with the entire team
    2 full days of work for security members
  Maximum
    4 to 6 calendar weeks
    4 to 6 half-day meetings with the entire team
    1 or 2 full days of work for security members
8
Process
  Identify business objectives
  Set scope
  Construct model
    Roles
    Data
    Components
    Use cases
  Generate threats
  Analyze threats
  Determine Risk Responses
  Report out
  Improve process
9
Process
10
Results
  Used threat modeling to reduce risk on strategically important IT projects.
  Saved significant calendar time on processing launch related IT work.
  Optimized process and applied to pilots, PoCs, and processes.
  Raised awareness on risk-based decision making.
  Taught people to fish.
  Moved the needle with several important business customers (specifically the OGC).
11
Questions
Jeffrey A. Ingalsbe
Security Consulting and Strategic Research
Ford Motor Company
(313)