Threat Model

From Open Risk Manual

Definition

A Threat Model is a formal representation of the risk landscape faced by an individual or organization that explicitly focuses on risks that can be classified as threats.

Classification

  • Attacker centric, focusing on Threat Actor identification and analysis
  • Asset centric, focusing on Asset identification and analysis
  • System centric

Examples

VERIS A4 Threat Model

A cyber incident is viewed as a series of events that adversely affects the information assets of an organization. The VERIS classification employs the A4 threat model[1]: every cyber incident comprises the following elements (the 4 A’s):

  • Actors: Whose actions affected the asset?
  • Threat Action: What actions affected the asset?
  • Assets: Which assets were affected?
  • Attributes: How was the asset affected?
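
The following is an added example, not part of the original page and not VERIS project code. It reduces incident records to the four A's, counts actor/action pairs for complete records, and flags records where one of the four elements is missing. It assumes a record layout modelled on the VERIS JSON schema (top-level keys actor, action, asset, attribute); the sample incidents and the function names are constructed for illustration.

```python
from collections import Counter

# The page's four A's mapped to top-level record keys (assumed from the VERIS JSON schema).
A4_KEYS = {"Actors": "actor", "Threat Action": "action",
           "Assets": "asset", "Attributes": "attribute"}

# Constructed sample incidents, not real data.
SAMPLE = [
    {"incident_id": "constructed-001",
     "actor": {"external": {}}, "action": {"hacking": {}},
     "asset": {"assets": [{"variety": "S - Web application"}]},
     "attribute": {"confidentiality": {}}},
    {"incident_id": "constructed-002",
     "actor": {"internal": {}}, "action": {"error": {}},
     "asset": {"assets": [{"variety": "M - Documents"}]},
     "attribute": {}},  # how the asset was affected was never recorded
    {"incident_id": "constructed-003",
     "actor": {"external": {}}, "action": {"malware": {}, "hacking": {}},
     "asset": {"assets": [{"variety": "S - Database"}, {"variety": "U - Desktop"}]},
     "attribute": {"integrity": {}, "availability": {}}},
]

def a4_summary(incident):
    """Reduce one incident to its four A's; return (summary, missing element names)."""
    summary = {}
    for name, key in A4_KEYS.items():
        section = incident.get(key) or {}
        if key == "asset":
            summary[name] = sorted(a.get("variety", "Unknown") for a in section.get("assets", []))
        else:
            summary[name] = sorted(section)  # category names such as "external", "hacking"
    return summary, [name for name, values in summary.items() if not values]

def triage(incidents):
    """Count actor/action pairs for complete records; list the rest for follow-up."""
    patterns, incomplete = Counter(), {}
    for inc in incidents:
        summary, missing = a4_summary(inc)
        if missing:
            incomplete[inc["incident_id"]] = missing
            continue
        for actor in summary["Actors"]:
            for action in summary["Threat Action"]:
                patterns[(actor, action)] += 1
    return patterns, incomplete

if __name__ == "__main__":
    patterns, incomplete = triage(SAMPLE)
    print(dict(patterns), incomplete)
```

A record that cannot answer all four questions is reported for follow-up instead of being counted, so gaps in incident documentation do not skew the actor/action statistics.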


References

  1. VERIS Incident Description