Relationship between various Risk Scenario Components
  • 2 Minutes to read
  • PDF

Relationship between various Risk Scenario Components

  • PDF

Article summary

Introduction


Risk Scenarios in SAFE enable users to model potential risks and understand their potential impact on various business resources. Constructing these scenarios requires a deep understanding of the complex relationships between Attack Outcomes, Threat Actors, and Business Resources. 

This guide aims to help users navigate through the process of selecting the appropriate Business Resources and Threat Actors to achieve desired Attack Outcomes.

Defining a Risk Scenario


Business Resources

After selecting a Group, the second step of creating a Risk Scenario is to define the relevant Business Resources within the organization. Business Resources can include a wide range of Data, Business Processes, and Cash. Carefully choose the specific Business Resources that are pertinent to the Risk Scenario they want to model.

Threat Actors

After identifying Business Resources, users are presented with potential Threat Actors that may target their organization. These Threat Actors can include Cyber Criminals, Advanced Persistent Threats (APTs), Nation-States, Privileged Insiders, and Non-Privileged Insiders.

Attack Outcomes

Once Business Resources and Threat Actors have been identified, users move on to the critical step of selecting Attack Outcomes. This involves exploring the potential impacts of the chosen Threat Actor on the selected Business Resources. Possible outcomes may include Ransomware with Data Exfiltration, Data Exfiltration, Distributed Denial of Service (DDoS), Ransomware without Data Exfiltration, Cryptomining, Financial Frauds, and others, as listed in the table below.

Mapping of Attack Outcome to Threat Actor and Business Resource


The below table provides a clear overview of the relationships between the core components of a Risk Scenario, assisting users in selecting relevant Business Resources, Threat Actors, and desired Outcomes.

Attack Outcome

Threat Actor

Business Resource

Ransomware without Data Exfiltration

APTs

  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Cyber Criminals

  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Nation-State

  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Ransomware with Data Exfiltration

APTs

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data
  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Cyber Criminals

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data
  • Business Process generating revenue
  • Business Process impacting Third Party's Revenue

Nation-State

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data
  • Business Process generating revenue
  • Business Process impacting Third Party's Revenue

Data Exfiltration

APTs

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data

Cyber Criminals

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data

Nation-State

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data

Privileged Insider

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data

Non Privileged Insider

  • Sensitive Personal Data
  • IP & Trade Secrets Data
  • Co-owned Proprietary Data

DDoS

APTs

  • Business Process generating revenue
  • Business Process impacting Third Party's Revenue

Cyber Criminals

  • Business Process generating revenue
  • Business Process impacting Third Party's Revenue

Nation-State

  • Business Process generating revenue
  • Business Process impacting Third Party's Revenue

Cryptomining

Cyber Criminals

  • Business Process generating cost

Financial Fraud

APTs

  • Cash

Cyber Criminals

  • Cash

Nation-State

  • Cash

Privileged Insider

  • Cash

Non Privileged Insider

  • Cash

Wiper

APTs

  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Cyber Criminals

  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Nation-State

  • Business Process generating revenue
  • Business Process Impacting Third Party's Revenue

Mapping of Business Resources to Attack Outcome and Threat Actor


Business Resource

Attack Outcome

Threat Actors

Sensitive Personal Data

Ransomware with Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State
  • Privileged Insider
  • Non Privileged Insider

IP & Trade Secrets Data

Ransomware with Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State
  • Privileged Insider
  • Non Privileged Insider

Co-owned Proprietary Data

Ransomware with Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State
  • Privileged Insider
  • Non Privileged Insider

Business Process generating revenue

Ransomware without Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

Ransomware with Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

DDoS

  • APTs
  • Cyber Criminals
  • Nation-State

Wiper

  • APTs
  • Cyber Criminals
  • Nation-State

Business Process Impacting Third Party's Revenue

Ransomware without Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

Ransomware with Data Exfiltration

  • APTs
  • Cyber Criminals
  • Nation-State

DDoS

  • APTs
  • Cyber Criminals
  • Nation-State

Wiper

  • APTs
  • Cyber Criminals
  • Nation-State

Business Process generating cost

Cryptomining

  • Cyber Criminals

Cash

Financial Fraud

  • APTs
  • Cyber Criminals
  • Nation-State
  • Privileged Insider
  • Non Privileged Insider



Was this article helpful?