Cybersecurity Strategies Through the Power of Probability!
Sandeep Sista
Partner @ Sydr Systems by SITE | NUS - MBA | Massachusetts Institute of Technology | TOGAF | Cisco CSM
In my younger days math used to scare me, up until I got certified as a #SixSigma professional in 2006 and was introduced to DMD (Data Management and Decisions) as a core subject in my MBA course at #NUS, where the application of statistics in business was the key focus.
Here is a step-by-step approach to using the concept of probability to make data-driven decisions that enhance your organization's security posture, and to make the business case for budget more easily.
Steps:
1. Identify the variables:
2. ?????????????? ?????? ???????????? ?????????????????? (??): Identify potential threats, including:
a. Phishing attempts targeting employees.
b. Malware infections through outdated software.
c. Insider threats from disgruntled employees.
3. Vulnerability score (V): IT and PTVA score findings such as the following:
a. 15% of endpoints are running outdated software (e.g., V = 3).
b. Misconfigurations in firewall settings (e.g., V = 4).
c. Insufficient access controls for sensitive data (e.g., V = 5).
4. Impact (I): the team estimates the impact of each threat:
a. Successful phishing could lead to significant financial loss and reputational damage (e.g., I = 8).
b. Malware infection could cause operational downtime and data loss (e.g., I = 6).
c. Insider threats might lead to breaches of sensitive customer data (e.g., I = 9).
5. Probability of occurrence (P): together, IT, PTVA, GRC, BCM and other impacted teams analyze historical incident data, supplemented with external threat intelligence, to quantify the probability of each threat materializing against the vulnerabilities identified above:
a. Phishing has a historical exploitation probability of 40% (e.g., P = 0.4).
b. Malware exploiting outdated software has a probability of 30% (e.g., P = 0.3).
c. Insider threats have an occurrence probability of 20% (e.g., P = 0.2).
6. Risk score (R): using the variables, we can now calculate a risk score for each threat, where R = P * V * I (P being the probability of the threat occurring):
a. R(Phishing) = 0.4 * 3 * 8 = 9.6
b. R(Malware) = 0.3 * 4 * 6 = 7.2
c. R(Insider Threat) = 0.2 * 5 * 9 = 9.0
Now you can prioritize (for example) initiatives addressing phishing (R = 9.6), followed closely by insider threats (R = 9.0) and then malware (R = 7.2). Because V and I are ordinal scores rather than measured quantities, treat R as a ranking aid for comparing threats against each other, not as an absolute measure of expected loss.
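The scoring from steps 2 to 6 carried through in code, as an added example that is not part of the original article. It uses the article's three threats and scores; the scale bounds it enforces (V on 1 to 5, I on 1 to 10, P as a probability in [0, 1]) are assumptions inferred from the example values, and the with_controls and risk_reduction helpers are my addition to show what a planned control buys in residual risk, which is the figure a budget conversation usually turns on.

```python
"""Added example, not code from the article: the article's R = P * V * I
scoring carried through in Python, with input checks and a ranking.

Assumptions (mine, inferred from the example values): V is scored 1..5,
I is scored 1..10, and P is a probability in [0, 1]. The threat names and
scores are the article's; with_controls() and risk_reduction() are mine."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Threat:
    name: str
    p: float  # probability of the threat occurring, 0..1 (historical data)
    v: int    # vulnerability score, assumed scale 1..5
    i: int    # impact score, assumed scale 1..10

    def __post_init__(self) -> None:
        # Reject out-of-scale inputs early: a mistyped P of 40 (instead of
        # 0.4) would otherwise silently dominate the ranking.
        if not 0.0 <= self.p <= 1.0:
            raise ValueError(f"{self.name}: P must be in [0, 1], got {self.p}")
        if not 1 <= self.v <= 5:
            raise ValueError(f"{self.name}: V must be in 1..5, got {self.v}")
        if not 1 <= self.i <= 10:
            raise ValueError(f"{self.name}: I must be in 1..10, got {self.i}")

    @property
    def risk(self) -> float:
        """R = P * V * I, rounded to hide float noise such as 9.600000000000001."""
        return round(self.p * self.v * self.i, 2)


# The article's three threats (step 2) with the scores from steps 3 to 5.
THREATS = (
    Threat("Phishing", p=0.4, v=3, i=8),
    Threat("Malware", p=0.3, v=4, i=6),
    Threat("Insider threat", p=0.2, v=5, i=9),
)


def prioritize(threats=THREATS):
    """Step 6: rank threats by R, highest first. Returns (name, R) pairs."""
    ordered = sorted(threats, key=lambda t: t.risk, reverse=True)
    return [(t.name, t.risk) for t in ordered]


def with_controls(threat: Threat, **new_scores) -> Threat:
    """Re-score a threat after a planned control (for example v=1 once the
    outdated endpoints are patched, or a lower p after a phishing-resistant
    MFA rollout) to obtain the residual R. Validation re-runs via __init__."""
    return replace(threat, **new_scores)


def risk_reduction(threat: Threat, **new_scores) -> float:
    """How much R a control removes: the 'benefit' side of a budget ask."""
    return round(threat.risk - with_controls(threat, **new_scores).risk, 2)


if __name__ == "__main__":
    for name, r in prioritize():
        print(f"R({name}) = {r}")
    phishing = THREATS[0]
    print("Phishing R removed by cutting P from 0.4 to 0.1:",
          risk_reduction(phishing, p=0.1))
```

Running the script reproduces the article's ordering (phishing 9.6, insider threat 9.0, malware 7.2). The with_controls step is where the method becomes useful to the business: re-scoring phishing with P = 0.1 drops its R from 9.6 to 2.4, so the proposed control can be presented as removing 7.2 points of risk rather than as a cost alone.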
7. Prioritization and steps to reduce the top threats:
Hope this helps and have fun enhancing your security posture through the power of Math!!
#CISO #Cybersecurity #Compliance #DigitalTransformation #SecurityPosture