It’s not easy to know wherever to start out to address all of them. It’s equally as tough to know when to stop. Risk modeling will help. Define the complex scope on the environment plus the dependencies in between the infrastructure along with the computer software Repudiation: the attacker https://www.researchgate.net/publication/365308473_Development_of_Cyber_Attack_Model_for_Private_Network