How Threat Modeling is used to Determine and Assess threats to Information System and the Role of Vulnerability Assessment in the threat Modeling Process?
Discuss how Threat Modeling is used to determine and assess threats to information system and the roll of vulnerability assessment in the threat modeling process.
The paper should be based on leading industry practices and include at a minimum complete strategies of modeling threats and assessing vulnerabilities, the reasons why these are good strategies, the impact of threats and vulnerabilities on organizations and how organizations can best address its potential impacts.
Illustrations (figures) should be included in explaining and supporting your arguments. Experiments data should be included while possible.
This assignment must exemplify a scholarly paper that is based on external research in addition to the assigned and recommended course readings. Prepare your paper in Microsoft Word. Include a cover page, running header, table of content, an abstract, main text with section headings, conclusions, and a minimum of 7 references. The page count starts with the Abstract and ends with the Conclusions. The citations and the reference list in the paper should be formatted in accordance with APA 6th edition guidelines.
Threat Modeling
Name
Instructor
Date
Table of contents
TOC \o "1-3" \h \z \u Abstract PAGEREF _Toc446655339 \h 3
Threat Modeling PAGEREF _Toc446655340 \h 4
Vulnerability Assessment PAGEREF _Toc446655341 \h 9
Conclusion PAGEREF _Toc446655342 \h 11
Abstract
This research paper analyzes the procedure for threat modeling and the effects on the security of information system of a firm. It investigates the process used to investigate the possible sources of risks, the levels or standards of risks that can be in an information system in an organization, and the solutions. It has also the vulnerability assessment and the importance attached to it in ensuring the security of the model. The importance of vulnerability testing for threat models is critical for organizations, and it is recommended for use in all the software applications. Lastly, the impacts of threat modeling and vulnerability assessments to organizations are identified.
Threat Modeling
Threat modeling helps in analyzing the risks to information systems that are associated with an application’s use. Attacks and vulnerabilities are identified to meet the security objectives and develop the counter measurements for an organization (Microsoft, 2005). Meeting security objectives helps in smooth operations as it reduces the worries that organizations have about misuse of information. In most cases, this procedure is carried out on applications whose codes have compromised the security of information written in them. Proposal for remodeling of codes will solve these problems that are posing threats to organizations. Some threats are posed by the increase in the number of gadgets that can share the use of some applications within an organization (Mahmud & Malik, 2014).Threat modeling identifies the threats, risks and recommends the changes that should be integrated into writing new codes (Microsoft, 2005). The modeling and vulnerability situations are analyzed to find out how they change security measures in information systems.
Threat modeling has a procedure that it follows for it to realize its goals. The design begins by identifying the threats, effects, design of the possible solutions and the implementation strategies. The techniques chosen for modeling will focus on the attack, assets, and the software structures. All these will circulate what is being built, what can go wrong and how to change the insecurity issues (Shostack, 2014). The tips for identifying threats are determined by the changes from the expectations which are dictated by the results. Before deciding on a procedure there are warnings to check for; one should not ignore errors that are thought to be unnecessary because they are not what the model was focusing on, external entities which are useful as a starting point in case of a dilemma and finally, the focus on the feasible threats (Shostack, 2014). In the similar analysis, the procedure should be well designed so that some possible threats are eliminated. Reduced risks are those that are confirmed not to be causing the problems that are being identified. Other potential threats will have to be looked into to lock out any vulnerability issues. By this method, it will be easier to get convinced of the threats t...
👀 Other Visitors are Viewing These APA Essay Samples:
- Virtual teams and telecommuting (Module 4 SLP)3 pages/≈825 words | 3 Sources | APA | Technology | Essay |
- Discussion-Databases and Knowledge Base 1 page/≈275 words | 3 Sources | APA | Technology | Essay |
- In-Built Security Measures of Internet-Based Conferencing3 pages/≈825 words | 2 Sources | APA | Technology | Essay |
- Proliferation and Implications of Municipal WI-FI3 pages/≈825 words | 2 Sources | APA | Technology | Essay |
- Importance of Upgrading the IT Infrastructure of a Water Company3 pages/≈825 words | 2 Sources | APA | Technology | Essay |
- Stew (IT system)4 pages/≈1100 words | 2 Sources | APA | Technology | Essay |
- Fracking and Water Contamination10 pages/≈2750 words | 5 Sources | APA | Technology | Essay |