Risk Analysis of YesFlix | CISSP As An Art

What if I told you a YESFLIX binge and a DDoS attack follow the same threat pattern?

YESFLIX is loaded with addictive TV shows. You know the kind I mean…

The risk evolves with one trigger at a time. Whether it’s a student trying to pass CISSP or a web server being flooded with unwanted traffic, the risk chain has a same pattern.

Risk Analysis - Cissp As An Art (CaaART) Style

Visualise both scenarios:

Threat Agent → YESFLIX’s account is a potential threat agent.
It could be an individual or entity that has intention to harm such as bots that targets your web server.

Threat → The binge temptation begins – one episode after another.
It’s the real danger such as HTTP floods can overwhelm the web server.

Vulnerability → If you don’t have self-control when it comes to cliff hangers at the end of every TV episode – the binge is guaranteed.
It’s the weakness in the system. Threat loves to exploit vulnerability if web server is not configured with rate-limiting or traffic filtering.

Asset → The most valuable thing to protect – could be a system or data or people. You are the asset and so is your time. Spend wisely.

Exposure → Watching 70 hours of TV shows increase the chance of failing a CISSP exam.
It’s a calculated loss if no security action is taken. The web server can be down and it can cost lot of money to business.

Safeguard → Self discipline is the key – Do Not open YESFLIX until complete first CISSP domain. Study first. Reward later.
Implement security controls such as Web Application Firewall (WAF) and configure rate-liming and DDoS protection.

In my CISSP world, every concept is a story, art, or visual. Join the CISSP As An Art (CaaART) tribe, the first visual-only CISSP course.

Watch Episode 1: Mystery Box Risk Terminologies