Unauthorized Cloud Access Attack Chain Diagram
- 1 Minute to read
- Print
Unauthorized Cloud Access Attack Chain Diagram
- 1 Minute to read
- Print
Article summary
Did you find this summary helpful?
Thank you for your feedback
Unauthorized Cloud Access: MFA and Segmentation
.png "image(236).png")
.png "image(237).png")
Threat Event Frequency | Threat event frequency represents the number of times per year the threat actor gains unauthorized cloud environment access. Common ways that threat actors can gain access include phishing, vulnerability exploitation (such as remote code execution (RCE)), 3rd party compromise, and malware. |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the threat actor can successfully overcome all relevant controls (detection/prevention of lateral movement and unauthorized access) and successfully access the asset. |
Primary Loss Magnitude | The loss event occurs once the actor accesses the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as encryption) being circumvented and conditional (secondary) losses occurring. |
Unauthorized Cloud Access: MFA Only
.png "image(238).png")
.png "image(239).png")
Threat Event Frequency | Threat event frequency represents the number of times per year the threat actor gains unauthorized cloud environment access. Common ways that threat actors can gain access include phishing, vulnerability exploitation (such as remote code execution (RCE)), 3rd party compromise, and malware. |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the threat actor can successfully overcome all relevant controls (detection/prevention of lateral movement and unauthorized access) and successfully access the asset. |
Primary Loss Magnitude | The loss event occurs once the actor accesses the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as encryption) being overcome and conditional (secondary) losses occurring. |
Unauthorized Cloud Access: No MFA or Segmentation
.png "image(240).png")
.png "image(241).png")
Threat Event Frequency | Threat event frequency represents the number of times per year the threat actor gains unauthorized cloud environment access. Common ways that threat actors can gain access include phishing, vulnerability exploitation (such as remote code execution (RCE)), 3rd party compromise, and malware. |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the threat actor can successfully overcome all relevant controls (detection/prevention of lateral movement and unauthorized access) and successfully access the asset. |
Primary Loss Magnitude | The loss event occurs once the actor accesses the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as encryption) being overcome and conditional (secondary) losses occurring. |
Was this article helpful?