An Introduction to Threat Modeling
From the post:
There is no single solution for keeping yourself safe online. Digital security isn’t about which tools you use; rather, it’s about understanding the threats you face and how you can counter those threats. To become more secure, you must determine what you need to protect, and whom you need to protect it from. Threats can change depending on where you’re located, what you’re doing, and whom you’re working with. Therefore, in order to determine what solutions will be best for you, you should conduct a threat modeling assessment.
…
The five questions in the assessment:
- What do you want to protect?
- Who do you want to protect it from?
- How likely is it that you will need to protect it?
- How bad are the consequences if you fail?
- How much trouble are you willing to go through in order to try to prevent those?
are useful whether you are discussing cyber, physical or national security.
Assume you accept the proposition that a “…no sparrow shall fall…” system, one that prevents every loss, is literally impossible.
In the wake of terrorist attacks, talking heads call for this to “…never happen again….” Nonsense. Of course terror attacks will happen again, no matter what counter-measures are taken.
Consider bank robberies. We know where every bank is located, so there is never a question of where bank robberies will take place. But given other values, such as customer convenience, it isn’t possible to prevent all of them.
There is an acceptable rate of bank robbery, and security measures are calibrated to keep it roughly at that rate.
The same is true for cyber, physical or national security.
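As an added illustration, not code from the original post or from the EFF guide, the five questions can be written down as a small risk register and the last three turned into arithmetic: the loss you expect without a countermeasure, the loss it avoids, and what it costs you in effort. The scenarios, the numbers, the `Threat` fields and the greedy selection rule are constructed assumptions for this example, not figures from either post. The point to notice is that the plan never drives the total residual loss to zero; it stops at an acceptable rate, which is the bank-robbery argument above in numbers.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    """One row of a personal threat model, keyed to the five questions."""
    asset: str            # Q1: what do you want to protect?
    adversary: str        # Q2: who do you want to protect it from?
    likelihood: float     # Q3: chance (0..1) the adversary succeeds over the planning period
    impact: float         # Q4: loss if they succeed, in whatever units you like
    countermeasure: str   # what you could do about it
    effort: float         # Q5: cost of that countermeasure, in the same units as impact
    reduction: float      # fraction (0..1) of the likelihood the countermeasure removes


def expected_loss(t: Threat) -> float:
    """Loss you expect if you do nothing."""
    return t.likelihood * t.impact


def residual_loss(t: Threat) -> float:
    """Loss you still expect after adopting the countermeasure."""
    return t.likelihood * (1.0 - t.reduction) * t.impact


def net_benefit(t: Threat) -> float:
    """Loss avoided by the countermeasure minus what it costs you."""
    return expected_loss(t) - residual_loss(t) - t.effort


def plan(threats, budget):
    """Greedy selection (an assumed rule, not the EFF's): adopt countermeasures
    that pay for themselves, best loss-avoided-per-unit-effort first, until the
    effort budget (Q5) runs out. Returns (adopted, accepted): threats whose
    countermeasure you adopt, and threats whose risk you consciously accept."""
    ranked = sorted(threats,
                    key=lambda t: (expected_loss(t) - residual_loss(t)) / t.effort,
                    reverse=True)
    adopted, accepted, remaining = [], [], budget
    for t in ranked:
        if net_benefit(t) > 0 and t.effort <= remaining:
            adopted.append(t)
            remaining -= t.effort
        else:
            accepted.append(t)
    return adopted, accepted


def total_residual(adopted, accepted) -> float:
    """Loss still expected after the plan: it is never zero."""
    return (sum(residual_loss(t) for t in adopted)
            + sum(expected_loss(t) for t in accepted))


# Constructed sample register; likelihoods and impacts are illustrative only.
THREATS = [
    Threat("email archive", "phishing crews", 0.30, 100.0,
           "hardware security key for two-factor login", 5.0, 0.90),
    Threat("phone contents", "border agents", 0.05, 200.0,
           "travel with a wiped device", 40.0, 0.95),
    Threat("laptop disk", "opportunistic thief", 0.10, 80.0,
           "full-disk encryption", 2.0, 0.95),
    Threat("chat history", "nation-state interception", 0.01, 500.0,
           "air-gapped messaging", 60.0, 0.80),
]


if __name__ == "__main__":
    adopted, accepted = plan(THREATS, budget=10.0)
    for t in adopted:
        print(f"ADOPT   {t.countermeasure:45} net benefit {net_benefit(t):6.1f}")
    for t in accepted:
        print(f"ACCEPT  {t.asset:45} expected loss {expected_loss(t):6.1f}")
    print(f"residual loss after plan: {total_residual(adopted, accepted):.1f}")
```

With a budget of 10 the security key and disk encryption are adopted; the wiped travel device and air-gapped messaging are not worth their effort against these (assumed) likelihoods, so those risks are accepted and the register says so explicitly, which is what a fact-based assessment looks like. Shrink the budget to 4 and the key no longer fits, so only disk encryption is adopted. Change the adversary or the likelihood and the plan changes with it, which is the point of the EFF's third question.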
This threat assessment exercise will help you create a fact-based assessment of your risks and of the steps you take to counter them.
Better a fact-based assessment than the talking head variety.
I first saw this in a tweet by the EFF.