WEBVTT

1
00:00:00.000 --> 00:00:03.177
In this lesson, we will learn about Modeling

2
00:00:03.177 --> 00:00:05.732
without an Existing System.

3
00:00:05.732 --> 00:00:09.450
Modeling without an existing IT system

4
00:00:09.450 --> 00:00:11.190
assesses potential threats

5
00:00:11.190 --> 00:00:13.380
and vulnerabilities for systems

6
00:00:13.380 --> 00:00:17.070
that are not yet fully developed or deployed.

7
00:00:17.070 --> 00:00:20.580
This is done to preemptively identify risks

8
00:00:20.580 --> 00:00:24.090
and implement security controls while envisioning

9
00:00:24.090 --> 00:00:28.080
how the system will function, considering what types

10
00:00:28.080 --> 00:00:32.520
of data it will handle, the expected user interactions

11
00:00:32.520 --> 00:00:37.140
and the anticipated integration points with other systems.

12
00:00:37.140 --> 00:00:40.050
Based on this hypothetical model,

13
00:00:40.050 --> 00:00:43.680
an organization can identify potential threats

14
00:00:43.680 --> 00:00:47.520
such as data breaches or unauthorized access

15
00:00:47.520 --> 00:00:51.060
and then they can select appropriate controls

16
00:00:51.060 --> 00:00:53.880
like encryption, access management,

17
00:00:53.880 --> 00:00:57.750
and network segmentation to mitigate these risks

18
00:00:57.750 --> 00:01:01.170
before the system goes into production.

19
00:01:01.170 --> 00:01:03.570
Let's learn more about modeling threats

20
00:01:03.570 --> 00:01:07.830
without an existing IT system in place.

21
00:01:07.830 --> 00:01:10.440
When modeling the applicability of threats

22
00:01:10.440 --> 00:01:15.440
to an organization without an existing IT system in place,

23
00:01:15.600 --> 00:01:20.070
the approach focuses on preemptively identifying risks

24
00:01:20.070 --> 00:01:24.540
before the system is fully developed or deployed.

25
00:01:24.540 --> 00:01:26.730
This method requires envisioning

26
00:01:26.730 --> 00:01:30.510
how the system will function, considering what types

27
00:01:30.510 --> 00:01:35.310
of data it will handle, the expected interactions with users

28
00:01:35.310 --> 00:01:38.940
and the integration points with other systems.

29
00:01:38.940 --> 00:01:42.510
By thinking ahead, organizations can identify

30
00:01:42.510 --> 00:01:45.270
potential threats and vulnerabilities

31
00:01:45.270 --> 00:01:49.080
and plan appropriate mitigating controls.

32
00:01:49.080 --> 00:01:50.460
This is useful

33
00:01:50.460 --> 00:01:52.830
because it allows the organization

34
00:01:52.830 --> 00:01:56.160
to build security measures into the system

35
00:01:56.160 --> 00:02:00.480
from the ground up rather than retrofitting them later.

36
00:02:00.480 --> 00:02:02.640
The first step in this process

37
00:02:02.640 --> 00:02:06.990
is to anticipate the architecture of the future system.

38
00:02:06.990 --> 00:02:11.490
Will it be cloud-based, on-premises, or a hybrid model,

39
00:02:11.490 --> 00:02:15.210
and will it interact with third party systems?

40
00:02:15.210 --> 00:02:18.240
Understanding the answers to these questions

41
00:02:18.240 --> 00:02:20.100
and the system structure

42
00:02:20.100 --> 00:02:23.880
will help pinpoint potential entry points for attacks.

43
00:02:23.880 --> 00:02:27.270
For example, if the system is cloud-based,

44
00:02:27.270 --> 00:02:29.520
threats like unauthorized access

45
00:02:29.520 --> 00:02:32.460
to cloud resources or data breaches

46
00:02:32.460 --> 00:02:36.240
through poorly secured application programming interfaces

47
00:02:36.240 --> 00:02:40.140
or APIs are significant concerns.

48
00:02:40.140 --> 00:02:44.370
So by having a clear idea of how the IT system

49
00:02:44.370 --> 00:02:47.400
will function, organizations can begin

50
00:02:47.400 --> 00:02:50.580
to map out areas of vulnerability.

51
00:02:50.580 --> 00:02:53.760
Once the system architecture is envisioned,

52
00:02:53.760 --> 00:02:57.120
it is essential to consider what types of data

53
00:02:57.120 --> 00:03:00.270
the system will process and store.

54
00:03:00.270 --> 00:03:03.480
Different types of data carry different risks.

55
00:03:03.480 --> 00:03:06.600
For instance, a system handling sensitive

56
00:03:06.600 --> 00:03:10.260
customer information such as credit card numbers

57
00:03:10.260 --> 00:03:13.890
or medical records is particularly vulnerable

58
00:03:13.890 --> 00:03:15.420
to data breaches.

59
00:03:15.420 --> 00:03:18.780
Knowing this, an organization can prioritize

60
00:03:18.780 --> 00:03:22.380
data protection controls such as encryption

61
00:03:22.380 --> 00:03:26.100
for both data at rest and data in transit,

62
00:03:26.100 --> 00:03:29.430
to ensure that even if the data is intercepted

63
00:03:29.430 --> 00:03:32.850
or accessed by an unauthorized party,

64
00:03:32.850 --> 00:03:35.082
it remains unreadable.

65
00:03:35.082 --> 00:03:36.982
The next consideration

66
00:03:36.982 --> 00:03:40.290
is how users will interact with the system.

67
00:03:40.290 --> 00:03:44.400
Will employees, customers or third parties need access?

68
00:03:44.400 --> 00:03:48.780
If so, what levels of access will they require?

69
00:03:48.780 --> 00:03:52.710
By assessing these types of anticipated interactions,

70
00:03:52.710 --> 00:03:55.648
organizations can identify potential risks

71
00:03:55.648 --> 00:04:00.648
related to unauthorized access or misuse of the system.

72
00:04:00.660 --> 00:04:04.680
For example, if the system will have multiple user types

73
00:04:04.680 --> 00:04:07.110
with different access levels,

74
00:04:07.110 --> 00:04:10.170
implementing access management controls

75
00:04:10.170 --> 00:04:13.230
such as role-based access control

76
00:04:13.230 --> 00:04:15.960
would be a good mitigating measure.

77
00:04:15.960 --> 00:04:19.410
This would ensure that each user only has access

78
00:04:19.410 --> 00:04:23.070
to the resources necessary for their role,

79
00:04:23.070 --> 00:04:27.261
reducing the risk of unauthorized data exposure.

80
00:04:27.261 --> 00:04:30.870
Another factor to consider is the IT system's

81
00:04:30.870 --> 00:04:34.230
integration points with other IT systems,

82
00:04:34.230 --> 00:04:37.620
both internal and external.

83
00:04:37.620 --> 00:04:41.520
Integrations often create additional security risks

84
00:04:41.520 --> 00:04:45.111
as they effectively expand the system's attack surface.

85
00:04:45.111 --> 00:04:48.300
For example, if the system will integrate

86
00:04:48.300 --> 00:04:51.480
with third party services via APIs,

87
00:04:51.480 --> 00:04:54.000
there's a risk of API abuse

88
00:04:54.000 --> 00:04:58.050
where attackers might exploit weaknesses in the API

89
00:04:58.050 --> 00:05:01.330
to access sensitive data or functions.

90
00:05:01.330 --> 00:05:05.490
So to mitigate this, organizations can plan

91
00:05:05.490 --> 00:05:09.570
to implement strong API security controls,

92
00:05:09.570 --> 00:05:13.710
such as requiring authentication for API calls,

93
00:05:13.710 --> 00:05:18.510
setting rate limits and monitoring for unusual activity.

94
00:05:18.510 --> 00:05:22.110
Now, with these potential risks identified,

95
00:05:22.110 --> 00:05:24.600
organizations can begin selecting

96
00:05:24.600 --> 00:05:27.090
the appropriate security controls

97
00:05:27.090 --> 00:05:30.540
to mitigate them before the system is launched.

98
00:05:30.540 --> 00:05:34.110
For example, multifactor authentication

99
00:05:34.110 --> 00:05:38.710
is a common control to protect against unauthorized access.

100
00:05:38.710 --> 00:05:42.360
Requiring users to verify their identity

101
00:05:42.360 --> 00:05:45.030
through two or more authentication methods

102
00:05:45.030 --> 00:05:47.760
significantly reduces the chances

103
00:05:47.760 --> 00:05:52.290
of unauthorized users gaining access to the system.

104
00:05:52.290 --> 00:05:56.280
With MFA or multi-factor authentication,

105
00:05:56.280 --> 00:05:59.640
employees logging in from remote locations

106
00:05:59.640 --> 00:06:03.180
may need to provide a password as well as a code

107
00:06:03.180 --> 00:06:07.890
sent to their mobile device to access network resources.

108
00:06:07.890 --> 00:06:10.920
Encryption is another mitigating control

109
00:06:10.920 --> 00:06:14.610
for IT systems handling sensitive data.

110
00:06:14.610 --> 00:06:18.030
Encrypting data at rest, or when it's stored,

111
00:06:18.030 --> 00:06:19.950
and encrypting data in transit,

112
00:06:19.950 --> 00:06:24.292
or when it is moving through the network, protects it

113
00:06:24.292 --> 00:06:26.880
from being intercepted and misused.

114
00:06:26.880 --> 00:06:31.260
This way, even if an attacker gains access to the system

115
00:06:31.260 --> 00:06:34.560
or intercepts the data, they would not be able

116
00:06:34.560 --> 00:06:37.710
to read it without the decryption keys.

117
00:06:37.710 --> 00:06:41.250
This control is especially important for systems

118
00:06:41.250 --> 00:06:45.030
that handle personal data, financial information,

119
00:06:45.030 --> 00:06:48.120
or any other confidential records.

120
00:06:48.120 --> 00:06:52.020
Finally, network segmentation is a strategy

121
00:06:52.020 --> 00:06:53.370
that can limit the spread

122
00:06:53.370 --> 00:06:57.450
of an attack within the system should it occur.

123
00:06:57.450 --> 00:07:01.680
By dividing the network into smaller isolated segments,

124
00:07:01.680 --> 00:07:04.170
organizations can restrict access

125
00:07:04.170 --> 00:07:07.020
between different parts of the system.

126
00:07:07.020 --> 00:07:10.080
This means that if an attacker compromises

127
00:07:10.080 --> 00:07:13.170
one part of the system, they won't be able

128
00:07:13.170 --> 00:07:15.750
to easily move throughout the network

129
00:07:15.750 --> 00:07:19.977
to cause further damage. For a system in development,

130
00:07:19.977 --> 00:07:23.190
planning for network segmentation early on

131
00:07:23.190 --> 00:07:25.920
ensures that this control is embedded

132
00:07:25.920 --> 00:07:30.692
into the design rather than added after the fact.

133
00:07:30.692 --> 00:07:35.692
So remember, modeling threats without an existing IT system

134
00:07:36.837 --> 00:07:40.350
focuses on identifying potential risks

135
00:07:40.350 --> 00:07:43.980
before the system is developed or deployed.

136
00:07:43.980 --> 00:07:47.583
This involves envisioning how the system will function,

137
00:07:47.583 --> 00:07:50.130
what types of data it will handle,

138
00:07:50.130 --> 00:07:53.070
and how users will interact with it.

139
00:07:53.070 --> 00:07:56.130
By assessing these elements early on,

140
00:07:56.130 --> 00:07:59.700
organizations can identify vulnerabilities

141
00:07:59.700 --> 00:08:03.780
and select appropriate security measures like encryption

142
00:08:03.780 --> 00:08:07.350
and access management to mitigate risks.

143
00:08:07.350 --> 00:08:09.900
Additionally, planning for security

144
00:08:09.900 --> 00:08:12.510
from the start allows controls

145
00:08:12.510 --> 00:08:15.900
to be embedded into the system's design.

146
00:08:15.900 --> 00:08:19.500
This proactive approach helps prevent issues

147
00:08:19.500 --> 00:08:24.213
and ensures the system is secure when it goes live.

