Upload File

threat modeling - crosscountry consulting

2
OVERVIEW Threat Modeling CrossCountry’s approach is based on the attack chain principle and incorporates industry best practices to include the MITRE ATT&CK framework, NIST 800-53, and Lockheed Martin’s Cyber Kill Chain. The outcomes of threat modeling, via collective wargaming, are evidence-based actions that strengthen the organizational security posture. Given the need to keep up with the ever-changing threat landscape, we train your staff throughout your project to sustain this capability for routine assessments. Provide executive debrief, including high-level results, key information, and prioritized action items TRACK Create prioritized action list with wargame outcomes and mitigation details Hold a workshop to include key subject matter experts from your organization to review and validate the content Ensure our initial analysis of the residual risks and recommended mitigations reflect the current state of the network Collect feedback to fine tune the details within the matrix WARGAME Reach consensus on residual risks and mitigations during the wargame workshop Map the offensive and defensive details within a threat model matrix Translate the offensive activities into MITRE ATT&CK techniques and identify the existing security controls that best mitigate each technique Conduct a risk analysis for each attacker technique and corresponding defensive security control to determine residual risks and possible mitigation actions MAP Map scenario details to MITRE ATT&CK framework and the threat model matrix Hold interviews and review documentation to understand the current security posture of the targeted critical asset Construct a detailed threat story following a custom adversary attack chain Document the defensive technologies that might deny or detect adversarial activity within the context of the story DEFINE Define scenario details and adversary attack chain Collaborate with the client to decide the scope of the threat modeling project and subsequently co-create a high-level threat scenario (i.e., story) that will guide the future threat modeling activities SCOPE Create high-level threat scenario summary 1 3 5 2 4

Upload: others

Post on 17-Feb-2022

7 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Threat Modeling - CrossCountry Consulting

OVERVIEW

Threat Modeling

CrossCountry’s approach is based on the attack chain principle and incorporates industry best practices to include the MITRE ATT&CK framework, NIST 800-53, and Lockheed Martin’s Cyber Kill Chain. The outcomes of threat modeling, via collective wargaming, are evidence-based actions that strengthen the organizational security posture. Given the need to keep up with the ever-changing threat landscape, we train your staff throughout your project to sustain this capability for routine assessments.

• Provide executive debrief, including high-level results, key information, and prioritized action items

TRACK

Create prioritized action list with wargame outcomes and

mitigation details

• Hold a workshop to include key subject matter experts from your organization to review and validate the content

• Ensure our initial analysis of the residual risks and recommended mitigations reflect the current state of the network

• Collect feedback to fine tune the details within the matrix

WARGAME

Reach consensus on residual risks and mitigations during

the wargame workshop

• Map the offensive and defensive details within a threat model matrix

• Translate the offensive activities into MITRE ATT&CK techniques and identify the existing security controls that best mitigate each technique

• Conduct a risk analysis for each attacker technique and corresponding defensive security control to determine residual risks and possible mitigation actions

MAP

Map scenario details to MITRE ATT&CK framework and the

threat model matrix

• Hold interviews and review documentation to understand the current security posture of the targeted critical asset

• Construct a detailed threat story following a custom adversary attack chain

• Document the defensive technologies that might deny or detect adversarial activity within the context of the story

DEFINE

Define scenario details and adversary attack chain

• Collaborate with the client to decide the scope of the threat modeling project and subsequently co-create a high-level threat scenario (i.e., story) that will guide the future threat modeling activities

SCOPE

Create high-level threat scenario summary

1 3 52 4

Page 2: Threat Modeling - CrossCountry Consulting

DEFINE

A realistic 12-part attack scenario based on the twelve MITRE ATT&CK techniques, CrossCountry’s threat intelligence program, and CrossCountry’s adversary emulation experience.

MEET OUR TEAM

CAMERON OVERCyber & Privacy Partner Leadcover@crosscountry–consulting.com

ERIC EAMESAdvanced Cyber Risk Leadeeames@crosscountry–consulting.com

MAP

A threat model matrix, containing the modeled adversary’s tactics and techniques, current client countermeasures, and level of residual risk.

OUTPUT EXAMPLES

TRACK

A high-level executive summary, prioritizing the attacker tactics with high levels of residual risk and those where additional mitigating actions could significantly lower those levels of risk.

2

3 5


How to Cope with the Threat of Tribunal | Mayo Wynne Baxter | Classic Consulting

CUSTOMER REPORT - CrossCountry

BRIAN HONAN, BH CONSULTING LAYERED … Layered Security: Protecting Your Data in Today’s Threat Landscape EXECUTIVE SUMMARY Information is the lifeblood of many organizations, and

Hands-On Protection: Consulting Services Enhance Threat …€¦ · • ICS Security Assessment • Building Automation Assessment • ICS Policy Gap Analysis • ICS Security Technology

Estrategias de seguridad v5 - Sisteseg Consulting Services · OCTAVE - Operationally Critical Threat, Asset and Vulnerability Evaluation OEDC – Guidelines for Security of IS and

Measuring and visualizing cyber threat intelligence quality · Keywords Cyber threat intelligence · Threat intelligence sharing · Data quality · Threat intelligence formats ·

Understanding trends and drivers of malnutrition at subnational level: A crosscountry analysis in 15 Sub-Saharan African (SSA) countries

Run for your Life in a crosscountry race from San Francisco to New York!

Threat Vulnerability Consulting Services

Idol Threat: Not an Idle Threat

Crosscountry - Centre-Nord

HERTFORDSHIRE SCHOOLShsaa.info/documents/crosscountry/XC/2013_secondary.docx · Web viewHERTFORDSHIRE SCHOOLS CROSS-COUNTRY CHAMPIONSHIPS Saturday 2 nd February 2013 WESTMINSTER LODGE

Water Sector Case Study - Invictus Consulting · 2016. 6. 7. · analysis, a threat analysis, and a vulnerability assessment. Specifically, a consequence analysis estimates the potential

Michelle Vanderbilt University Information Technology IT CRM · 2020-01-20 · Threat & Vulnerability Mgmt. Incident Response Security Awareness Security Assessment & Consulting Compliance

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat

Advanced Persistent Threats– Coming to a Network Near You - Barry Hensley Director, Counter Threat Unit and Jeff Schilling Director, Security & Risk Consulting

Crosscountry Bundesmeisterschaften Obertraun · 2017-11-10 · Veranstalter: - Crosscountry Bundesmeisterschaften Obertraun Datum: Donnerstag, 09. November 2017 Ergebnisliste: Kat

CYBER THREAT INTELLIGENCE ESTIMATE 2017€¦ · 2017 THREAT LANDSCAPE REPORT Cyber Threat Intelligence 7 8. THREAT ACTORS When security professionals talk about threat actors, they

2012 Sportscoach Crosscountry by Coachmen

IOT: EXPLORING THE THREAT SURFACEintro the big idea securing the edge ... » elasticsearch. threat hunting and response | security consulting 05 | securing the data. threat hunting

Threat monitor Threat Intelligence Report Q1 2020

INSIDER THREAT - Optiv · Insider Threat Defined While insider threat has been defined in many different ways, Optiv defines insider threat as: “An insider threat is an employee,

Rottefella Crosscountry

Cybercore Threat Analysis I - Fact Sheets Threat... · 2020. 12. 3. · THREAT ANALYSIS Similarly, control systems threat analysts must maintain a strategic perspective of the threat

wayzatatiming.comwayzatatiming.com/crosscountry/2019/MankatoEast2/results.pdf · wayzatatiming.com

CrossCountry Future Timetable Consultation · CrossCountry Future Timetable Consultation . 2 ... per year at the start of the franchise to 37 million journeys during ... Cheltenham

Winds of threat: The North Korea Threat

Training - CJ Security Consulting Group Pte Ltd€¦ · AVSEC for front-line Security Officers Tactical Profiling Course which Bomb Threat Handling Document Verification Course (Travel

ASSESSING THREAT VULNERABILITY FOR FOOD DEFENCE · Kassy Marsh Adele Adams Techni-K Consulting Adele Adams Associates . v | Assessing Threat Vulnerability for Food Defence echni-

Comprehensive Situational Awareness consulting sales ...€¦ · Drones can carry payloads capable of causing significant damage and posing a threat to human life. At high altitudes,

Cisco Enterprise Security · Januar 2017 Threat Defense mit Hilfe des Netzwerks und Cisco StealthWatch Cisco Enterprise Security Thomas Spiegel Consulting Systems Engineer

CONFEDERAÇÃO BRASILEIRA DE AUTOMOBILISMOarquivo.rallybr.com.br/images/crosscountry/2013/regulamento... · 2 CONFEDERAÇÃO BRASILEIRA DE AUTOMOBILISMO ARTIGO 1 - DEFINIÇÃO 1.1

Crosscountry photo final

Owners Manual CrossCountry²...Owners Manual CrossCountry² Version 1.0 Stand 03.05.2019 Fly market GmbH & Co. KG Am Schönebach 3 D-87637 Eisenberg Tel.: +49 (0) 8364 9833-0 Fax:

Review of the Consumer Data Right PIA Consulting report...IDM Identity Management ISTRA Information Security Threat & Risk Assessment ISMS Information Security Management System KYC