fbpx Skip to content

Knowledge Byte: Threat Model for Cloud Service Deployment

84057392_3382513485109192_2570936499621068800_n

Cloud Credential Council (CCC)

pcs-cover6

Each service and deployment model has its own risks. The best way to treat risks within cloud is to develop a threat model for the service deployment based on the assets in cloud.

What is a Threat Model?

  • A model of the system (cloud environment), which depicts:
    • The system structure, its components, and the flow of control relationships.
    • The assets (data and function) in the system.
    • The security controls protecting the assets.
  • This model of the system is compared against:
    • A list of potential ‘threat or risk scenarios.’
    • A list of potential attackers, disasters, (natural or man-made), and human error.

Threat Modeling in the Cloud

The objective of the threat model is to identify and assess threats in a cloud service. It involves examining the assets, vulnerabilities, entry points, and actors in the cloud environment.

The threat model shows that everything starts with an owner and ends with an asset. Organizations moving into the cloud need to understand their business ownership and the value of their asset in order to apply appropriate countermeasures or protections. The following figure shows a sample threat model:

Related products to help you upskill

Sorry, we couldn't find any posts. Please try a different search.

Never miss an interesting article

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.

Please enter your name.
Please enter a valid email address.
Please check the required field.
Something went wrong. Please check your entries and try again.

Keep learning

PCSM-cover2

Knowledge Byte: 5 Key Cloud Management Roles

Cloud service management roles are not fully defined in a single framework or standard. In addition, the crossover among service management, the organization and cloud...
A Massive Influx Into Remote Work Creates an Opportunity for Hackers

A Massive Influx Into Remote Work Creates an Opportunity for Hackers

While the coronavirus pandemic has infected millions of people worldwide, sending people back to work and study from home, these new habits could benefit cybercriminals....
jurian article

ITIL® 4, Why Should You? What’s New?

By 2019, when ITIL® 4 was finally launched, ITIL had been the leading guidance for IT Service Management for the past three decades. Millions of...
Scroll To Top
Tweet
Share
Share