SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsThreat assessment is an essential component of an information security risk evaluation. In order to prioritize vulnerabilities for remediation and to evaluate existing controls, a thorough understanding of potential threat sources is required. Particularly for financial institutions, this activity is a pre-requisite for a comprehensive information security program and a stated regulatory requirement. This paper explores key issues related to threat assessment, including essential elements, methodologies, and common pitfalls. A recommended approach for completing and documenting this activity is also provided. While the focus of this paper is on financial institutions and related regulatory requirements, the general concepts and the recommended approach for conducting a threat assessment are applicable to other organizations and industries.