Threat modeling is a technique of operations security (OPSEC) and related disciplines for systematically assessing risk.

The threats to our privacy, particularly in the digital realm, are overwhelmingly complex. Before you go about trying to implement security and privacy measures, you need to understand what you’re protecting against. This is where threat modeling helps:

  1. Identify assets: What is it that you want to protect?
  2. Identify adversaries: Who might interfere?
  3. Identify their capabilities: What kind of resources do your adversaries have at their disposal?
  4. Identify risk: How likely is a threat? How bad are the consequences?

The strength of threat modeling is that it breaks down the highly complex problem of digital privacy into smaller, more manageable pieces that can be addressed individually. Your threat models might cover mass surveillance programs, such as the NSA’s PRISM and Upstream programs; corporate surveillance, such as Google’s data mining for targeted advertising; targeted surveillance by law enforcement; doxxing; or something else.

Your threat models will typically include multiple assets, adversaries, capabilities, and risks. It’s important to address each permutation of these different aspects individually and systematically, and to periodically review and update your plan to ensure it still reflects your current circumstances and priorities.
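
An added example, not part of the original page: a small risk register that walks the four steps above and enumerates every asset, adversary and capability combination, so that none is skipped and unassessed ones are reported. The sample assets, adversaries, 1-5 scores and the likelihood × impact scoring are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from itertools import product

# Constructed sample inputs for steps 1-3 (assumptions, not from the page).
ASSETS = ["email contents", "home address"]
ADVERSARIES = {  # adversary -> capabilities at their disposal
    "ad network": ["cross-site tracking"],
    "doxxer": ["public records search", "social engineering"],
}

# Step 4: (likelihood, impact) on an assumed 1-5 scale per combination.
# Any combination missing here has not been assessed yet.
ASSESSMENTS = {
    ("email contents", "ad network", "cross-site tracking"): (2, 2),
    ("home address", "doxxer", "public records search"): (4, 5),
    ("home address", "doxxer", "social engineering"): (2, 5),
    ("email contents", "doxxer", "social engineering"): (2, 4),
}

@dataclass(frozen=True)
class Entry:
    asset: str
    adversary: str
    capability: str
    risk: int  # likelihood x impact (assumed scoring convention)

def build_register(assets, adversaries, assessments):
    """Return (entries sorted by risk, highest first; unassessed combinations)."""
    entries, unassessed = [], []
    for asset, (adv, caps) in product(assets, adversaries.items()):
        for cap in caps:
            key = (asset, adv, cap)
            if key not in assessments:
                unassessed.append(key)  # a gap in the model, not a zero risk
                continue
            likelihood, impact = assessments[key]
            if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
                raise ValueError(f"score out of range for {key}")
            entries.append(Entry(*key, likelihood * impact))
    entries.sort(key=lambda e: e.risk, reverse=True)
    return entries, unassessed

if __name__ == "__main__":
    register, todo = build_register(ASSETS, ADVERSARIES, ASSESSMENTS)
    for e in register:
        print(f"{e.risk:>2}  {e.asset} <- {e.adversary} via {e.capability}")
    for key in todo:
        print("UNASSESSED:", " / ".join(key))
```

Re-running the script after editing the inputs is one way to carry out the periodic review: new assets or adversaries show up as unassessed combinations until they are scored.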

