Identification of Threats

00:01

Lesson 4.3 Identification off threats

00:08

In this lesson,

00:09

we'll cover what traits are,

00:12

and we'll go over a few examples of threats.

00:19

So what are threats?

00:23

These can be man made,

00:25

intentional or accidental,

00:28

natural or environmental in nature.

00:31

Threats are a specific type of event or action performed that could result in damage to assets.

00:38

For most threats to occur, there would also need to be a vulnerability present, which we will discuss in the next section.

00:46

One of the easiest ways to come up with threads is search for some free guides online with the most common ones

00:53

I sold, 27,000 and five gives a table of some of the most common threats.

00:59

The most important thing to do during your threat identification is to list all possible threats that could happen to your organization,

01:06

regardless of any controls that may or may not already exist.

01:11

You want to be as open minded as possible to ensure you go through as many possible adverse scenarios as you can.

01:18

But, for example,

01:19

if your organization is in a desert and the threat list that you're working off suggests blizzard or ice or snow storm as a potential threat

01:30

that probably doesn't need to go on your threat list, given the environment that you are based in.

01:34

But something like fire is always a threat, even if you have controls in place

01:40

and should always form a part of the threat list. Regardless of its current likelihood,

01:46

you want to be able to assess where you currently stand against these streets and accurately determined your key areas of weakness and likelihood for risk to materialize.

01:57

With regards to human threats,

01:59

it is useful to put them into buckets of threat actors.

02:02

These buckets can include groups like hackers,

02:07

nation states, terrorists, disgruntled employees, activists, etcetera.

02:13

It's a largely to assess each of these types of actors in terms of their motivation,

02:17

to get your organisation's assets

02:20

as well as the capability of the great actors.

02:23

You should obviously keep the ones that are both very capable and motivated at the top of mind for the next steps in the risk management process.

02:36

There are multiple threat modern methodologies out there, so choose best one that works for your organization.

02:49

So as we mentioned briefly on the previous slide,

02:52

here are some of the common threat actor bucket groups

02:57

having a list to start off with and make the process easier to think off other potential threat actors, which are unique to your organization.

03:06

For each of these buckets,

03:07

we need to look at the capability as well as the motivation off these threat actors in relation to your organization.

03:15

If you're a corner store bakery, a terrorist organization is probably not going to be very motivated to target you.

03:23

But if you're a government department or even a critical infrastructure organization to your country,

03:30

you'd probably be a lot higher on the target list for a terrorist group.

03:36

Capability Off a Thread actor is how technically capable they are to gain access to information and sits,

03:42

especially those stored and transmitted in Elektronik formats.

03:47

A criminal syndicate, for example, would typically be very capable, as they often have large financial backing for their operations, and they are able to recruit very skilled hackers.

04:00

A general user, on the other hand, is probably not as technical,

04:03

technically capable,

04:04

especially with regards to advanced hacking techniques.

04:10

Motivation is where you determine or estimate how motivated an attacker would be to try and get your information.

04:16

In other words, How badly do they want it?

04:23

The easiest is to assess

04:25

capability and motivation on a scale of 1 to 5.

04:30

There are resource is available online

04:32

to help you give definition

04:34

to what each of these levels meaning.

04:38

Basically, level five is the most capable and most highly motivated,

04:44

while Level one would be the least capable and least motivated.

04:48

Multiplying your motivation, by your capability

04:53

would give you the overall level off threat.

04:57

Putting this in the Matrix would allow you to plot these levels in terms off critical, very high medium low,

05:06

an insignificant, for example,

05:13

to summarize.

05:15

In this lesson, we covered what the threats are

05:17

and why they need to be considered during risk management.

05:21

We looked at examples of different types of threats and threat actors.