OPS01-BP05 Evaluate threat landscape
Evaluate threats to the business (for example, competition, business risk and liabilities, operational risks, and information security threats) and maintain current information in a risk registry. Include the impact of risks when determining where to focus efforts.
The
Well-Architected
Framework
AWS customers are eligible for a guided Well-Architected Review of
their mission-critical workloads to
measure
their architectures
The cross-team engagement of these reviews helps to establish common understanding of your workloads and how team roles contribute to success. The needs identified through the review can help shape your priorities.
AWS Trusted Advisor
Desired outcome:
-
You regularly review and act on Well-Architected and Trusted Advisor outputs
-
You are aware of the latest patch status of your services
-
You understand the risk and impact of known threats and act accordingly
-
You implement mitigations as necessary
-
You communicate actions and context
Common anti-patterns:
-
You are using an old version of a software library in your product. You are unaware of security updates to the library for issues that may have unintended impact on your workload.
-
Your competitor just released a version of their product that addresses many of your customers' complaints about your product. You have not prioritized addressing any of these known issues.
-
Regulators have been pursuing companies like yours that are not compliant with legal regulatory compliance requirements. You have not prioritized addressing any of your outstanding compliance requirements.
Benefits of establishing this best practice: You identify and understand the threats to your organization and workload, which helps your determination of which threats to address, their priority, and the resources necessary to do so.
Level of risk exposed if this best practice is not established: Medium
Implementation guidance
-
Evaluate threat landscape: Evaluate threats to the business (for example, competition, business risk and liabilities, operational risks, and information security threats), so that you can include their impact when determining where to focus efforts.
-
Maintain a threat model: Establish and maintain a threat model identifying potential threats, planned and in place mitigations, and their priority. Review the probability of threats manifesting as incidents, the cost to recover from those incidents and the expected harm caused, and the cost to prevent those incidents. Revise priorities as the contents of the threat model change.
Resources
Related best practice:
Related documents:
Related videos: