Relationship between various Risk Scenario Components
- 2 Minutes to read
- Print
- PDF
Relationship between various Risk Scenario Components
- 2 Minutes to read
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Introduction
Risk Scenarios in SAFE enable users to model potential risks and understand their potential impact on various business resources. Constructing these scenarios requires a deep understanding of the complex relationships between Attack Outcomes, Threat Actors, and Business Resources.
This guide aims to help users navigate through the process of selecting the appropriate Business Resources and Threat Actors to achieve desired Attack Outcomes.
Defining a Risk Scenario
Business Resources
After selecting a Group, the second step of creating a Risk Scenario is to define the relevant Business Resources within the organization. Business Resources can include a wide range of Data, Business Processes, and Cash. Carefully choose the specific Business Resources that are pertinent to the Risk Scenario they want to model.
Threat Actors
After identifying Business Resources, users are presented with potential Threat Actors that may target their organization. These Threat Actors can include Cyber Criminals, Advanced Persistent Threats (APTs), Nation-States, Privileged Insiders, and Non-Privileged Insiders.
Attack Outcomes
Once Business Resources and Threat Actors have been identified, users move on to the critical step of selecting Attack Outcomes. This involves exploring the potential impacts of the chosen Threat Actor on the selected Business Resources. Possible outcomes may include Ransomware with Data Exfiltration, Data Exfiltration, Distributed Denial of Service (DDoS), Ransomware without Data Exfiltration, Cryptomining, Financial Frauds, and others, as listed in the table below.
Mapping of Attack Outcome to Threat Actor and Business Resource
The below table provides a clear overview of the relationships between the core components of a Risk Scenario, assisting users in selecting relevant Business Resources, Threat Actors, and desired Outcomes.
Attack Outcome | Threat Actor | Business Resource |
Ransomware without Data Exfiltration | APTs |
|
Cyber Criminals |
| |
Nation-State |
| |
Ransomware with Data Exfiltration | APTs |
|
Cyber Criminals |
| |
Nation-State |
| |
Data Exfiltration | APTs |
|
Cyber Criminals |
| |
Nation-State |
| |
Privileged Insider |
| |
Non Privileged Insider |
| |
DDoS | APTs |
|
Cyber Criminals |
| |
Nation-State |
| |
Cryptomining | Cyber Criminals |
|
Financial Fraud | APTs |
|
Cyber Criminals |
| |
Nation-State |
| |
Privileged Insider |
| |
Non Privileged Insider |
| |
Wiper | APTs |
|
Cyber Criminals |
| |
Nation-State |
|
Mapping of Business Resources to Attack Outcome and Threat Actor
Business Resource | Attack Outcome | Threat Actors |
Sensitive Personal Data | Ransomware with Data Exfiltration |
|
Data Exfiltration |
| |
IP & Trade Secrets Data | Ransomware with Data Exfiltration |
|
Data Exfiltration |
| |
Co-owned Proprietary Data | Ransomware with Data Exfiltration |
|
Data Exfiltration |
| |
Business Process generating revenue | Ransomware without Data Exfiltration |
|
Ransomware with Data Exfiltration |
| |
DDoS |
| |
Wiper |
| |
Business Process Impacting Third Party's Revenue | Ransomware without Data Exfiltration |
|
Ransomware with Data Exfiltration |
| |
DDoS |
| |
Wiper |
| |
Business Process generating cost | Cryptomining |
|
Cash | Financial Fraud |
|
Was this article helpful?