<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="http://blogs.msdn.com/utility/FeedStylesheets/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/"><channel><title>Threat Management the bigger picture</title><link>http://blogs.msdn.com/threatmodeling/archive/2008/05/29/threat-management-the-bigger-picture.aspx</link><description>Threat Modeling is one of those &amp;#8216;sciences&amp;#8217; that is just now starting to gel into something that can be implemented in a semi-automated fashion.&amp;#160; With TAM /e, we have a good approach to threat modeling that is both easy on the development</description><dc:language>en-US</dc:language><generator>CommunityServer 2.1 SP1 (Build: 61025.2)</generator><item><title>Threat Modeling - The Bigger Picture</title><link>http://blogs.msdn.com/threatmodeling/archive/2008/05/29/threat-management-the-bigger-picture.aspx#8557357</link><pubDate>Thu, 29 May 2008 10:00:53 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:8557357</guid><dc:creator>From Source to Secure</dc:creator><description>&lt;p&gt;I recently was in a bit of a conversation about Threat Modeling, its future, and how it relates to Risk&lt;/p&gt;
</description></item><item><title>re: Threat Management the bigger picture</title><link>http://blogs.msdn.com/threatmodeling/archive/2008/05/29/threat-management-the-bigger-picture.aspx#8574766</link><pubDate>Thu, 05 Jun 2008 11:28:21 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:8574766</guid><dc:creator>dannyl</dc:creator><description>&lt;p&gt;This is an excellent post. &amp;nbsp; The contribution of threat modeling to operational risk management is, I believe, in a formalized methodology of risk measurement and calculation. &amp;nbsp;Risk is not an independent variable that can be estimated or observed. Risk is a dependent variable that is a function of asset value, vulnerabilities, threats that exploit the vulnerabilities and countermeasures that mitigate the vulnerabilities.&lt;/p&gt;
&lt;p&gt;Current operational risk management systems are based on the notion that operational business processes have risk - and that risk is something to be estimated by employees and consultants and then rolled up. There are different ways different systems do this - using guided interviews or self-assessments - but at the end of the day, if you roll up a bunch of arbitrary risk estimates you will get an arbitrary risk management system.&lt;/p&gt;
&lt;p&gt;This is, I believe, where threat modeling comes in. It helps a company calculate risk in dollar terms and place it on the table together with other business decisions.&lt;/p&gt;
&lt;p&gt;The post also mentioned the risk of share prices crashing. Although threat modeling may not be relevant to modeling the behavior of a many-body problem such as thousands of different stock options being traded by millions of people - threat modeling may be relevant for the individual stock holder. &lt;/p&gt;
&lt;p&gt;Yes there is a threat that a stock may crash - the vulnerability is that you might still be holding the stock when that happens (since you are too busy at your day job to notice the change). &amp;nbsp;You mitigate the vulnerability with countermeasures (have someone monitor the stock for you, place an automatic sell order or diversify your portfolio with oil and energy stocks). &amp;nbsp;&lt;/p&gt;
</description></item></channel></rss>