While it’s always ideal to build security automation into the software development process, it’s never too late to engage in threat modeling to better understand cloud infrastructure security. The practice provides a way for organizations to better understand any potential vulnerabilities, as well as develop a strategy for managing threats.
The following steps will help you create a threat model for cloud infrastructure security:
Identify your team: The ideal combination includes cross-disciplinary strengths, with a member of your security team leading the group. Consideration for inclusion should cover the security team, site reliability specialists, application developers and business owners. By including a variety of skills and strengths in your team, the result will be a holistic view of security, including what can be done to reduce risk across the organization.
System modeling: Once your team is in place, define the boundaries of the system, such as whether your web is front end, or if you are using a single micro service. Be cautious about making the boundary too inclusive, because as it gets wider it will be more difficult for modeling. Consider the following factors:
- Trust boundaries
- Parties interacting around and outside the trust boundaries
- How information moves in and out of the trust boundaries
- Potential vulnerabilities or threats to boundaries
- Potential threat agents
- The possible impact of exploitation
Identify risk mitigation steps: Start with an initial list of risk mitigation steps you can take. Identify any areas of your boundary that could affect the threat model if they are configured incorrectly. You might look closely at the control place for your cloud infrastructure to determine whether there are any security misconfigurations that might allow a hacker to gain access to your private services or your public cloud console. Many high-profile security breaches are through open infrastructure ports.
Create a cloud infrastructure security remediation plan: Your first step consists of ranking the risk severity of each threat, followed by the all-important step of assigning a team member to be responsible for addressing it. Your risk owners will help everyone on the team know who is accountable for introducing a solution for each threat your team has identified.
Whenever and wherever possible, automate the security measure into a process that can prevent the vulnerability from occurring again in the future. This repeatable, consistent plan will allow you to continue to reduce and mitigate risks in your organization.
Creating a threat model for cloud infrastructure security is a time-consuming process, but it is one that is absolutely necessary in today’s cyber security environment. Contact us at Diversified Technology Group for guidance in your threat model process or for information about solutions that can aid in managing enterprise security.