← All assessments

Ransomware on ERP Software Suite

⚠ Corporate IT Infrastructure Top event: Ransomware deployed on the ERP software suite

Analysis of attack paths that could result in ransomware encrypting the ERP system and the operational, data, and supply-chain consequences that follow.

Bow-Tie Diagram

Corporate ITInfrastructure Ransomwaredeployed on Phishing Attack onERP Users MFA on ERP Acc… Network Segmen… Exploitation ofUnpatched ERP ERP Patch Mana… Network Segmen… CompromisedPrivileged ERP MFA on ERP Acc… ERP SystemUnavailability Immutable Offl… Ransomware Inc… Business Conti…71% Loss or Corruptionof Business Data Immutable Offl… Ransomware Inc… Supply ChainDisruption Business Conti…71% Ransomware Inc…

Threats (left side — causes)

Phishing Attack on ERP Users

Prevention barriers:

MFA on ERP Access
Network Segmentation of ERP Environment
Exploitation of Unpatched ERP Vulnerability

Prevention barriers:

ERP Patch Management
Network Segmentation of ERP Environment
Compromised Privileged ERP Account

Prevention barriers:

MFA on ERP Access

ADD THREAT FROM LIBRARY

Don't see it? Manage threats library

Consequences (right side — effects)

ERP System Unavailability

Mitigation barriers:

Immutable Offline ERP Backups
Ransomware Incident Response Plan
Business Continuity Procedures
Loss or Corruption of Business Data

Mitigation barriers:

Immutable Offline ERP Backups
Ransomware Incident Response Plan
Supply Chain Disruption

Mitigation barriers:

Business Continuity Procedures
Ransomware Incident Response Plan

ADD CONSEQUENCE FROM LIBRARY

Don't see it? Manage consequences library

Diagram Legend

Hazard (source of danger)
Top Event (central event)
Threat (cause)
Consequence (effect)
Prevention barrier
Mitigation barrier