Home Computer Science Securing Systems Applied Security Architecture and Threat Models
There are different audiences, different stakeholders, who need to understand risk through unique, individualized perspectives. It’s a good practice to craft risk messages that can be understood from the perspectives of each stakeholder group. As has been noted, decision makers, namely, organization l eaders, typically prefer that risk be stated in business terms, what I’ve termed “business impact.” Business impact is the effect that the successful exercise of a credible attack vector will have on the organization’s operations and goals.
But as we’ve already seen, there also exists a purely technical impact. Defenders need to understand the sorts of things that can happen to the attacked computer system. Without this understanding, defending the system adequately is not possible. Security defense must be matched to attack method and is always implemented to protect something of value. Further, one can be more precise when one understands the technical targets of particular attack methods.
There are other audiences beyond the purely technical. Each audience may need its own expression of impact. For instance, program and project managers will want to understand how successful compromise will affect their deliverables: implementation phases, schedules, resources, and budgets. Project managers are also likely to want to know whether they have missed some step in the development lifecycle. Architects will require an architectural view of impacts: which components are affected, which data can no longer be considered trustworthy, and what communication flow will need protection. Developers will want to know what features should have been delivered or what the correct behavior should have been.
Of course, not every impact will have relevance to each of these perspectives. And some stakeholders will only want impacts (executives, usually), while others (engineers) may need to understand the attack vector, as well. The wise practitioner couches risk communication in the terms best understood by the different viewpoints. “Impact” may be expressed in multiple ways so that each person can understand a risk and why it’s important to address the risk. Impact can be tailored specifically, depending upon which decisions are being made surrounding a risk. Usually, people need to understand why a risk is important to them before they will be willing to make changes in order to mitigate the risk.
|< Prev||CONTENTS||Next >|