[ISM3 Users] Tuesday Insight: Threat Taxonomy

[Vicente Aceituno]

I haven't been able to find a good and commonly accepted threat taxonomy.

A threat causes harm sometimes helped by a weakness, sometimes impeded
by a countermeasure.

A threat has an agent, a mechanism and consequences for an information
system or repository.

Using agent and consequences for classification, threats can be
classed as Errors (unintentional human action), Attacks (intentional
human action) and Accidents (&Disasters) (non-human action).

The consequences of an Attack, Error or Accident can be:

1 Failure to destroy of repositories or messages
2 Destruction or Loss of repositories or messages
3 Theft of repositories or messages
4 Interruption of repositories or messages
5 Corruption of repositories or messages
6 Outdated repositories or messages
7 Unauthorized access, Disclosure of repositories or messages
8 Improper use of authorized access of repositories or messages
9 Improper recording of access to services, channels or interfaces
10 Failure to stop services, channels or interfaces
11 Destruction or Loss of services, channels or interfaces
12 Eavesdropping of services, channels or interfaces
13 Underperformance or Interruption of services, channels or interfaces
14 Corruption of services, channels or interfaces
15 Unauthorized use of services, channels or interfaces
16 Improper use of authorized access of services, channels or interfaces
17 Improper recording of use of services, channels or interfaces
18 Aging of services, channels or interfaces

While some will argue that the mechanism of the threat is important, I
don't think it is always necessary. There are hundreds of different
and subtle ways to attack a system. Is it necessary to analyze every
single way, or is it better to design and protect the systems in a way
that makes it resilient to any threat?

For example a good backup process can protect any system from several
of these threats...

My best

Vicente