Threat modeling
Module duration: 4 hours
Module overview
​
An essential step in defining a system's protection strategy is modeling the system and its threats. The protection strategy must be efficient and proportional to the potential damages that the system may face. We show the concepts needed to create a risk management strategy and discuss why this strategy has to be considered a fundamental element of a security standard.
Objective of this module
This module aims to understand what kind of risk management-related requirements and concepts are typically present in cybersecurity standards and guidelines, what threat modeling is, and how to execute a threat modeling activity practically.
What you will learn:
01.
Risk management and requirements
02.
Security standards and guidelines about threat modeling
03.
How to compute a threat modeling
04.
Example of a threat modeling activity
You will cover:
This module provides the audience with the following:
​
• An extended theoretical discussion about the requirements in the risk management context
• A discussion about how to execute a threat modeling building on the cybersecurity standards and guidelines
• A practical example of how to compute a threat modeling activity, focusing on the needed pieces of information and the methodology
This module is
intended for:
The module targets professionals working for companies that must ensure that their component, product, or system has security commensurate with its expected level of risk throughout the product's life cycle.
