This objective uses a variety of activities to identify possible attackers and gather background information about the capability of those attackers to threaten the organization. This consists of identifying a particular attacker's history of carrying out specific threats, their current capability to carry out those threats, and proof that the attacker intends to leverage resources against the target.
Checking the assumptions of both the organization and the auditor by researching current threats ensures that the auditor bases their work on accurate assessments of the conditions the organization faces and makes informed operational security considerations. Giving staff greater ownership of the process gives them an opportunity to explore their threat landscape and to become more engaged in addressing the identified threats once the audit is complete. By engaging with as many staff as possible, the auditor provides a framework that staff can use to explore threat identification processes after the auditor is gone.
Threat Assessment Activities
Example text for introducing threats - Integrated Security
Written exercise: Threats assessment - Integrated Security
Threat Modeling Resources (General)
Book: "Threat Modeling: Designing for Security" (Adam Shostack)
Website: "An Introduction to Threat Modeling" (Surveillance Self-Defense)
Article: "Security for Journalists, Part Two: Threat Modeling" (Jonathan Stray)
Guide: "Managing Information Security Risk: Organization, Mission, and Information System View" (NIST)
Guide: "Guide for Conducting Risk Assessments" (NIST)
Activity: "Threat Model Activity" (Tow Center)
Threat research by focus area
Threat research by method
General Threats by Region
Database: "The Aid Worker Security Database (AWSD) records major incidents of violence against aid workers, with incident reports from 1997 through the present." (The Aid Worker Security Database (AWSD))
Platform: "The HumanitarianResponse.info platform is provided to the humanitarian community as a means to aid in coordination of operational information and related activities." (Humanitarian Response)
Organization: "ReliefWeb has been the leading source for reliable and timely humanitarian information on global crises and disasters since 1996." (ReliefWeb)
Legal Threats by Region
Monitor: "CNL's NGO Law Monitor provides up-to-date information on legal issues affecting not-for-profit, non-governmental organizations (NGOs) around the world." (NGO Law Monitor)
Survey: ["This is a survey of existing and proposed laws and regulations on cryptography - systems used for protecting information against unauthorized access."](http://www.cryptolaw.org/) (The Crypto Law Survey)
List: "Who publishes Transparency Reports? - a list of transparency reports from Google, Facebook, and other popular websites. Cross-check with Alexa for locally popular services" (James Losey)
Article: "Legal Issues in Penetration Testing" (Security Current)
Wiki Page: ["Anti-circumvention: Laws and Treaties"](https://en.wikipedia.org/wiki/Anti-circumvention) (Wikipedia)
Guide: "Encryption and International Travel" (Princeton University)
List: "National Cyber Security Policy and Legal Documents" (NATO Cooperative Cyber Defence Centre of Excellence)
Technical Threats
Country Profiles: "Current cybersecurity landscape based on the five pillars of the Global Cybersecurity Agenda namely Legal Measures, Technical Measures, Organisation Measures, Capacity Building and Cooperation." (Global Cybersecurity Index (GCI))
Reports: Privacy International's in-depth country reports and submissions to the United Nations. (Privacy International)
Organization: "The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security." (The Citizen Lab)
Database: "International Cyber Developments Review (INCYDER)" (NATO Cooperative Cyber Defence Centre of Excellence)
Guide: "This handbook sets out an overview of the key privacy and data protection laws and regulations across 72 different jurisdictions, and offers a primer to businesses as they consider this complex area of compliance." (Data Protection Laws of the World - DLA PIPER)
Reports: "Country Reports" (Open Network Initiative)
Reports: "Regional Overviews" (Open Network Initiative)
Portal: "Country Level Information security threats" (The ISC Project)
Targeted Malware
Censorship and Surveillance Reports
Map: "Cyber-Censorship Map" (Alkasir)
Dashboard: "At-A-Glance Web-Blockage Dashboard" (Herdict)
Travel Threats
List: "Foreign travel advice" (GOV.UK)
List: "Travel Advice" (Australian Government)
Alerts: "Travel Alerts & Warnings" (US Department of State)
List: "List of airlines banned within the EU" (European Commission)
List: "A list of aircraft operators that have suffered an accident, serious incident or hijacking." (Aviation Safety Network)
Map: "A global display of Terrorism and Other Suspicious Events" (Global Incident Map)
The ISC Project completes evaluations of information security threats in a broad range of countries. The resulting comprehensive written assessments describe each country’s digital security situation through consideration of four main categories: online surveillance, online attacks, online censorship, and user profile/access.
EISF distributes frequent analysis and summaries of issues relevant to humanitarian security risk management.