
Cycops.

List of information asset threats and controls to address them.

Desktops, Laptops and Servers

| Threat | Control |
|---|---|
| Virus | Anti-Virus |
| Worm | OS update; Application update; Internal Firewall |
| Trojan | Anti-Virus |
| Software Keylogger | Internal Firewall; Anti-Virus |
| Hardware Keylogger | Virtual Keyboard; Infrared Keyboard; Asset verification drill |
| Wireless Keylogger | War walk; War drive; WiFi IDS |
| Backdoor | Internal Firewall; Port Scanning |
| Ransomware | HIDS; Anti-Ransomware; Backup |
| Rootkit | AV |
| Botnet | NIDS; HIDS |
| Spyware / Adware (Browser based attacks) | Application Virtualization (Sandbox) |
| Scareware | Awareness |
| Removable device attack | EPDP; BIOS protection; Active Directory |
| Personal data / Privacy | Data Encryption |
| Hacker attack (RCE) | OS Hardening; Anti-Virus; Internal Firewall |
| System misuse (Data copy, Remote access, Screenshots, Data theft) | Employee Monitoring |
| Malicious upgrades (Evilgrade) | Secure Patch management |
| Data leakage (Remote connections / SMTP) | DLP |
| E-Dumpster diving | Degaussing |

Network

| Threat | Control |
|---|---|
| MITM / ARP Spoofing | Anti-Sniffing |
| ARP Flooding | VLAN; L3 Switches; NIDS; Authentication |
| DoS attacks | Firewall; NIDS; NIPS |
| IP Spoofing | NIDS |
| IP Masking | Firewall |
| Usage of plain text protocols | Use encrypted protocols |
| Unauthorized network (file/folder) access | Access Control (A.D); IAM |
| BYOD | MDM |
| Insecure SNMP | Use SNMPv3 |
| Insecure RDP | OS Update; Firewall; NIDS |
| Network Congestion | WAN Optimization; Network load balancers |
| Rogue Access Points | War Driving; WiFi IDS |

Internet

| Threat | Control |
|---|---|
| DDoS | CDN; Load Balancers; Reverse Proxy; WAF; Country based blocking |
| Input validation attacks | WAF; OWASP ESAPI; .htaccess; Web.config |
| Web Application attacks | SSDLC; Server side validations |
| Fake Access Points | WiFi IDS |
| Port Scanning | Firewall; NIDS |
| Spam mails | Anti-Spam |
| Slow Internet | WAN Optimizers |
| Log Management | SIEM |
| Internet Failure (ISP) | Multiple ISPs |
| Email Spoofing | Non-Repudiation; Digital Signature |
| Communication Security | Digital Certificate |
| Security Loopholes / Vulnerabilities | Vulnerability Management |

People

| Threat | Control |
|---|---|
| Human errors | Awareness Training |
| Disgruntled employees | Asset Management |
| Internal Employee | DMZ; NIDS; Anti-Sniffing; Employee Monitoring; Anti-Virus; License Management; Asset drill |
| Shoulder surfing | Awareness training |
| Weak Passwords | Awareness training |
| Lack of Practice | Security Drills |

Physical

| Threat | Control |
|---|---|
| Physical theft | CCTV; Closet; Safe; Access Cards; Motion Sensors |
| Unauthorized access | Biometric; Swipe card; Physical guard |
| Tailgating | Awareness training |
| Jammer | Anti-Jamming |
| Natural Disasters | BC, DR and IR |
| Fire accidents | Smoke detectors; Sprinklers; Fire Extinguishers (A, B, C types) |
| Power failure | UPS; Power Generators; Fuel Backup |
| Temperature control failure | Dual AC with auto time |
| Humidity Control | Humidity Sensors |
| Dumpster diving | Shredding |
| RFID Cloning | Faraday Cage |

• AV – Anti-Virus
• HIDS – Host based Intrusion Detection System
• NIDS – Network Intrusion Detection System
• NIPS – Network Intrusion Prevention System
• IF – Internal Firewall
• EPDP – End Point Data Protection
• RCE – Remote Code Execution
• IAM – Identity Access Management
• MDM – Mobile Device Management
• SSDLC – Secure Software Development Lifecycle
• DMZ – Demilitarized Zone
• DLP – Data Loss Prevention / Data leakage protection
• SIEM – Security Information & Event Management
• BC – Business Continuity
• DR – Disaster Recovery
• IR – Incident Response
