This session will show how Threat Modeling was applied to energy producers in Belgium to understand and manage cyber related risk. Threat modeling is a key part of Microsoft’s Security Development Lifecycle (SDL), but as this session will show it also can be used by asset owners.
White board hacking or threat modeling is a structured activity for identifying and evaluating threats and vulnerabilities. The security objectives, threats, and attack modeling activities during the threat modeling are designed to help you find vulnerabilities in your installation/architecture. Threat modeling allows you to consider, document, and discuss the security implications of designs in the context of their planned operational environment in a structured fashion.