Cyber threat modeling for protecting the crown jewels in the Financial Services Sector (FSS)

Abstract

Financial institutions are undergoing the so-called “de-perimeterization.” The security model up to today is heavily dependent on ”border patrols” focusing mostly on providing a secure perimeter while the internal network is inherently trusted. In the upcoming borderless networks, the focus is shifting to protection of the data itself, considering the full lifecycle or switching toward context-aware defensive strategies also known as zero trust networks. The focus of this work is to critically discuss existing threat modeling methodologies, available and used in the financial services sector (FSS). The objective is to investigate the extent at which existing methodologies cover the different threat actors & events and if they reflect the current threat landscape in the FSS. The investigations are supported by a real-world case study to uncover if any process can reflect the current threat landscape without any customizations or special know-how, and whether the final outcome helps in reaching a secure or compliance state. Through the case study, it is evidenced that by utilizing the IRAM2 methodology resulted in a high ratio of compliance, however, considering the Crown Jewels of a Financial Institution (FI), a secure, as much as possible, state should be the desired outcome.