đź”’ Cybersecurity for lawyers

User Tools

Site Tools

Trace:
threat_modelling

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
threat_modelling [2019/08/09 19:18] – neilthreat_modelling [2021/02/26 08:49] – neil
Line 5: Line 5:
  
 You’ll sometimes see this described as “threat modelling” or understanding your "risk scenario". You’ll sometimes see this described as “threat modelling” or understanding your "risk scenario".
 +
 +If you are still no wiser about where you should start, try the UK National Cyber Security Centre's [[https://www.ncsc.gov.uk/cyberaware/actionplan|Cyber Security Self-Assessment Tool]].
  
 ====Key points ==== ====Key points ====
Line 67: Line 69:
  
 Something which is likely to be exploited, and which would cause a high level of harm, is a greater priority than something either unlikely to happen, or which is unlikely to cause much harm if it did happen. Something which is likely to be exploited, and which would cause a high level of harm, is a greater priority than something either unlikely to happen, or which is unlikely to cause much harm if it did happen.
 +
 +Bear in mind that some security controls are appropriate for highly confidential information, but some are less appropriate for less confidential information — the likelihood of harm, or the severity of the harm, does not justify the intrusion or inconvenience. There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests.
 +
  
  
threat_modelling.txt · Last modified: 2021/10/15 10:25 by neil