Risk Assessment

1. Risk Assessment What is good about the Microsoft approach to threat modeling? What is bad about it? OCTAVE…  Advantage: ___________  Disadvantage: ___________

2. OCTAVE– a brief history 1999 OCTAVE developed by Software Engineering Institute 2003 OCTAVE-S a streamlined version 2007 OCTAVE Allegro http://www.sei.cmu.edu/reports/07tr012.pdf

3. OCTAVE Allegro Roadmap (see reference on previous slide)

4. Step 1: Establish Risk Mgmt Criteria • This is concerned with things like … • “organizational drivers”, • “mission”, • “business objectives” The purpose is to think about later threat ranking

5. Step 2: Develop an Info Asset Profile For a software project we need to  __________________  __________________  ___________________ Step 3: Identify Asset Containers Where are the assets  ..stored?  ..transported?  ..processed?

6. Step 4: Identify Areas of Concern Brainstorm possible threats Step 5: Identify Threat Scenarios Build threat trees A scenario is ___________________________

7. Step 6: Identify Risks Step 7: Analyze Risks Use formula of probability * impact Step 8: Select Mitigation Approach An interesting omission from the Microsoft approach

8. Ranking Example For a single threat/risk: There are worksheets to help discover ranges for ranking