Getting Started with Cloud Threat modeling

cyber

Long ago, the concept of cyber risks appeared to be limited to huge corporations and financial organizations. This has changed so drastically in recent years that data breaches via system penetration and social engineering techniques such as spear phishing have become common knowledge. Threat actors are no longer choosy about possible targets, targeting both persons and organizations.

As the analogy goes: “Where there is smoke, there is fire”. Organizations have driven the evolution of cyber security mechanisms to where they are today out of necessity. One such security measure is the real-time monitoring of corporate networks and cloud environments to identify threats before they cause damage. One such real-time monitoring platform for SaaS ecosystems is docontrol.io, a cloud-native code-free SaaS security platform.

To effectively address threats an organization needs to compile a comprehensive threat model, these threat models are typically unique to each organization and are utilized to identify possible weak points in an organization’s SaaS environment.

What Exactly is a Traditional Threat Model?

At its core, cyber security relies on three main components:

  • Security Policies
  • Threat models
  • Security mechanisms, that enforce the threat models

A threat model aims to answer some key questions about application and infrastructure environments.  The first question that needs to be asked is: “What are my infrastructure vulnerabilities?”. This might be anything and everything from not having up-to-date security patches down to a granular user level of password strength deficits. Essentially a summary of all that might happen. The second part of a threat model needs to address these vulnerabilities. How you would go about fixing the vulnerabilities that were identified? 

And finally, the threat model will also serve as a retrospective framework to gauge whether the remediations that were suggested to eliminate vulnerabilities in the environment were applied and whether the remediations are effective. 

In essence, threat modeling offers the following advantages:

  1. It guides and assists organizations in accurately identifying and prioritizing the various possible cyber security threats to their organization.
  2. It ensures that, through continuous reviews and improvements, the organization’s cyber defenses become and stay relevant to the real cyber threat landscape.
  3. It aids organizations to implement new tools that address novel threats as well as guides development teams to drive security by design in their applications.
RELATED  Digital workplace: Modern-day necessity for every organization

How Cloud Threat models differ

Cloud threat models might differ to some extent from their traditional infrastructure-based counterparts. While role-based access and traditional wall-and-moat security are effective in infrastructure-based environments, this would not suffice in cloud environments like SaaS, for example.

The modeling process for SaaS ecosystems also starts with a process of due diligence. Identifying potential vulnerabilities and implementing countermeasures to mitigate the flaws. Cyber risks to SaaS environments are, however, significantly more complex. With SaaS, different techniques can be taken based on different attack vantage points:

  • The attack could originate from outside the cloud.
  • The assailant could be someone who has already breached the boundary.
  • The attacker could even be a malicious employee who already has access to the SaaS ecosystem. 

A modern way of designing cyber security around SaaS ecosystems is the principle of Zero Trust. Zero trust is a paradigm where implicit trust does not exist for anyone or anything. By following the principle of least privilege, users and services will only be granted access to the resources they need. Not only does this cut down on the risk associated with accidental data leaks, but in the event of an actual data breach from a threat actor, lateral movement within the SaaS ecosystem is limited. This threat actor can also be isolated, and its entry point terminated.

Frameworks for a Comprehensive Threat Model

Many template frameworks for cyber security threat models do exist and are freely available online. Some examples of these frameworks are:

  • Microsoft’s STRIDE model
  • PASTA (Process for Attack Simulation and Threat Analysis) model.
  • NIST threat scoring system – CVSS (Common Vulnerability Scoring System)

These frameworks all address similar business objectives: Identify Vulnerabilities, Address Vulnerabilities, and model solutions to these vulnerabilities. 

Conclusion

As far as cyber security is concerned, vigilance has far greater value than reparation. Ensuring that your organization’s SaaS attack surface is documented allows you to manage the risks through real-time monitoring and management.

RELATED  The best mirrorless cameras for under $1000: Full-frame, APS-C, MFT