Maximising Security with Threat Modelling in the Cloud - Romina Druta & Daniela Cruzes

Learn effective threat modeling for cloud security with experts Romina Druta & Daniela Cruzes. Discover key attack vectors, controls & success factors for modern cloud environments.

Key takeaways
  • Threat modeling should be asset-centric, focusing on identifying critical assets and how they can be exploited rather than trying to cover everything

  • Key attack vectors in cloud environments:

    • Publicly exposed resources and misconfigured services
    • IAM/privilege escalation through weak access controls
    • Lateral movement between resources
    • Data exfiltration through misconfigured networking
    • DDoS attacks leveraging auto-scaling
  • Important security controls:

    • Network segmentation and micro-segmentation
    • Strict IAM policies and role-based access
    • Encryption of sensitive data with customer-managed keys
    • Monitoring and logging of all activities
    • Backup and deletion protection for critical resources
  • A security program needs to balance:

    • Agile development pace vs security requirements
    • Bottom-up team autonomy vs top-down policies
    • Automation vs manual assessment
    • Cost vs security controls
  • Success factors for cloud security:

    • Focus on team enablement rather than strict enforcement
    • Regular security self-assessments by teams
    • Integration of security tools in CI/CD pipeline
    • Threat modeling during architecture changes
    • Building security awareness and culture
  • Common attacker types to consider:

    • Financially motivated cybercriminals
    • State-sponsored actors
    • Hacktivists
    • Malicious insiders
    • Opportunistic attackers
  • Cloud security challenges:

    • Multi-cloud environments increase complexity
    • Legacy applications moving to the cloud
    • Scale and pace of cloud adoption
    • Cost of security controls
    • Compliance requirements like DORA