View Webinar

Price: $0
No charge, funded by The Conference Board of Canada and/or the research sponsor

Scaling Your Cyber Security Threat Modeling Challenge

The Conference Board of Canada, June 15, 2018
Recorded Webinar
(You must be signed in and entitled to rate this report)

There are two schools of thought around threat modeling. One school advocates the creation of attack trees and data flow diagrams. This requires extensive, cross-functional, security skills and is not a scalable approach. The other school encourages organic insertion of defenses based only on current context without “boiling the ocean”. This lack of systems thinking leaves applications vulnerable as exploits in a weaker component can open the door to critical systems.

Part of the problem is threat modeling today is largely an art. We need to inject more science in this domain and derive a repeatable and auditable approach that maps to risk. Such a model should abstract away the non-scalable elements and still provide a high degree of assurance in today’s faster velocity business context.

Webinar Highlights

During this recorded webinar, Altaz outlines a threat modeling framework that abstracts traditional methods into systems, data, and people components. You will come away with an approach that takes away some of the scalability problems of traditional threat modeling, yet provides sufficient rigor and systems thinking to help manage risk.

About Altaz

Altaz Valani is the Director of Research at Security Compass and manages the overall research vision and team. Prior to joining Security Compass, he was a Senior Research Director and Executive Advisor at Info-Tech Research Group providing trusted advice around application development, application rationalization, agile, cloud, mobile, and the SDLC. Other past positions include Senior Manager at KPMG, and other positions working alongside senior stakeholders to drive business value through software development. Altaz also sits on 3 IEEE Working Groups where DevSecOps and Privacy challenges are being tabled at the international standards level.

View Webinar

Price: $0
No charge, funded by The Conference Board of Canada and/or the research sponsor