Threat modelling enables device makers and service providers to engineer and deliver better products. It offers a structured approach to gathering vulnerability information and is an important step in delivering product security by design.
Conducted as part of the design process, threat modelling is a wise investment: it helps teams to catch security issues early in the development cycle, leading to higher levels of customer satisfaction and better sales figures in the long term.
By performing threat modelling on a regular basis, companies put themselves in a stronger position to maximise their product security and push ahead of their competitors.
At the highest level, threat modelling can be guided by four questions:
- What are we building?
- What can go wrong?
- What are we going to do about it?
- Did we do a good enough job?
Threat modelling has become a key element of cybersecurity guidance across a wide range of commercial sectors, including industrial control systems (ISA/IEC 62443-4-1), automotive (ISO/SAE 21434), medical device development and the provision of financial services. NIST Special Publication 800-213 highlights the need for developers to better understand the threat landscape in its IoT Device Cybersecurity Guidance, so that risk models can be updated accordingly. And threat modelling goes hand in hand with ETSI EN 303 645 – the European standard setting the baseline for securing consumer IoT.
Trusted security partner
Copper Horse’s team of analysts can work with your product developers to help build and maintain your threat models and train staff to become champions in the technique so that they are able to own the insight generated during the process and maximise its security potential.
Through our client engagements we have successfully deployed threat modelling frameworks — which include approaches such as STRIDE — to pinpoint vulnerabilities in systems architecture, aided by the construction of dataflow diagrams (DFDs). And our team can assist in threat prioritisation through the construction of attack trees as well as helping clients to visualise bad actors in more detail by deploying threat agent libraries.
Our experts encourage the use of tabletop tools such as the Elevation of Privilege card deck to further sharpen threat hunting sessions and can demonstrate how to include these in your threat modelling workflow, boosting engagement and raising the value of the exercise.