Threat modeling is a technique of operations security (OPSEC) and related disciplines for systematically assessing risk.
The threats to our privacy, particularly in the digital realm are overwhelmingly complex. Before you go about trying to implement security and privacy measures, you need to understand what you’re protecting against. This is where threat modeling helps:
- Identify assets: What is it that you want to protect?
- Identify adversaries: Who might interfere?
- Identify their capabilities: What kind of resources do your adversaries have at their disposal?
- Identify risk: How likely is a threat? How bad are the consequences?
Consider whether your threat model includes mass surveillance programs, such as the NSA’s PRISM and Upstream programs, corporate surveillance, such as Google’s data mining for targeted advertising, targeted surveillance by law enforcement, doxxing, or something else.
Your threat model will generally include multiple assets, adversaries, capabilities, and risks. It’s important to address each permutation individually. This is the strength of threat modeling: breaking a complex problem down into manageable parts.