Threat Assessment
Summary
Purpose
Guiding Questions
Operational Security
Preparation
Outputs
Activities
References and resources for Threat Assessment
- Guide: "Threat Assessment: Chapter 2.5 p. 38" (Operational Security Management in Violent Environments (Revised Edition))
- manual: Establishing the threat level of direct attacks (targeting) (Protection Manual for Human Rights Defenders)
- Book: "Threat Modeling: Designing for Security" (Adam Shostack)
- Website: "An Introduction to Threat Modeling" (Surveillance Self-Defense)
- Article: "Security for Journalists, Part Two: Threat Modeling" (Jonathan Stray)
- Guide: "Managing Information Security Risk: Organization, Mission, and Information System View" (NIST)
- Guide: "Guide for Conducting Risk Assessments" (NIST)
- Activity: "Threat Model Activity" (Tow Center)
- Tool: Deciduous Threat Decision Tree Generator Guide | Tool including sample Tree (Kelly Shortridge)
- Human Rights
- Transparency [^corruptions_perception_index]
- Public Service Delivery
- Health
- Free Media and Information
- Threatened Voices: Tracking suppression of online free speech.
- IREX’s Media Sustainability Index (MSI) provides in-depth analyses of the conditions for independent media in 80 countries across the world.
- Freedom House's "Freedom on the Net" index, assessing the degree of internet and digital media freedom around the world.
- Freedom House's "Freedom of the Press" index assess' global media freedom.
- ARTICLE 19 freedom of expression and freedom of information news by region.
- Open Society Foundation - Mapping digital media
- Press Freedom Index (RSF)
- Climate Issues
- Gender Issues
- Poverty Alleviation
- Community Building
- Peace promotion
- Agricultural Development
- Entrepreneurship
- Water, Sanitation
- Transportation
- Disaster Relief
-
Database: "The Aid Worker Security Database (AWSD) records major incidents of violence against aid workers, with incident reports from 1997 through the present." (The Aid Worker Security Database (AWSD))
-
Platform: "The HumanitarianResponse.info platform is provided to the humanitairan community as a means to aid in coordination of operational information and related activities." (Humanitarian Response)
-
Organization: "ReliefWeb has been the leading source for reliable and timely humanitarian information on global crises and disasters since 1996." (ReliefWeb)
-
Monitor: "CNL's NGO Law Monitor provides up-to-date information on legal issues affecting not-for-profit, non-governmental organizations (NGOs) around the world." (NGO Law Monitor)
-
Survey: ["This is a survey of existing and proposed laws and regulations on cryptography - systems used for protecting information against unauthorized access."(http://www.cryptolaw.org/)] (The Crypto Law Survey)
-
List: "Who publishes Transparency Reports? - a list of transparency reports from Google, Facebook, and other popular websites. Cross-check with Alexa for locally popular services" (James Losey)
-
Article: "Legal Issues in Penetration Testing" (Security Current)
-
Wiki Page: ["Anti-circumvention: Laws and Treaties"(https://en.wikipedia.org/wiki/Anti-circumvention)] (Wikipedia)
-
Guide: "Encryption and International Travel" (Princeton University)
-
Guide: "World Map of Encryption Laws and Policies" (Global Partners Digital)
-
List: "National Cyber Security Policy and Legal Documents" (NATO Cooperative Cyber Defence Centre of Excellence)
-
Database: "APT Groups and Operations"
-
Database: "APTNotes"
-
Country Profiles: "Current cybersecurity landscape based on the five pillars of the Global Cybersecurity Agenda namely Legal Measures, Technical Measures, Organisation Measures, Capacity Building and Cooperation." ( Global Cybersecurity Index (GCI))
-
Reports: Privacy International's in-depth country reports and submissions to the United Nations. (Privacy International)
-
Organization: "The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security." (The Citizen Lab)
-
Database: "International Cyber Developments Review (INCYDER)" (NATO Cooperative Cyber Defence Centre of Excellence)
-
Guide: "This handbook sets out an overview of the key privacy and data protection laws and regulations across 72 different jurisdictions, and offers a primer to businesses as they consider this complex area of compliance." (Data Protection Laws of the World - DLA PIPER)
-
Reports: "Country Reports" (Open Network Inititiative)
-
Reports: "Regional Overviews" (Open Network Inititiative)
-
Portal: "Country Level Information security threats" (The ISC Project)
- Reports: "APWG Phishing Attack Trends Reports" (Anti-Phishing Working Group)
-
Map: "Cyber-Censorship Map" (Alkasir)
-
Dashboard: "At-A-Glance Web-Blockage Dashboard" (Herdict )
-
List: "Foreign travel advice" (GOV.UK)
-
List: "Travel Advice" (Australian Government)
-
Alerts: "Travel Alerts & Warnings" (US Department of State)
-
List: "List of airlines banned within the EU" (European Commission)
-
List: "A list of aircraft operators that have that have suffered an accident, serious incident or hijacking." (Aviation Safety Network)
-
Map: "A global display of Terrorism and Other Suspicious Events" (Global Incident Map)
Threat Assessment Activities:
Example text for introducing threats - Integrated Security
Written exercise: Threats assessment - Integrated Security
Threat Modeling Resources (General):
Threat research by focus area:
Threat research by method:
General Threats by Region: