Course Release Date: May 25th 2022
D121 - Threat Modeling
Approximate Length – 30 Minutes
Intended Audience – Privacy Engineers and other Privacy Professionals, Software Developers, Managers, Architects and Engineers
What is the difference between a threat and a risk? This course illustrates the close relationship between these two concepts, highlights the factors that must be considered when assessing risk, and notes the distinction between initial and secondary risk. Alongside this is presented a thorough explanation of threat actors (who they are and what motivates and enables them), at-risk individuals (the roles they play and the high-risk groups to which they belong), and proxies (their various types and how they are used to facilitate privacy violations). Lastly, students will learn about privacy violation consequences, including normative and tangible harms.
- Threats vs Risks
- Threat Actors, At-Risk Individuals, and Proxies
- Normative vs Tangible Harms
Upon completion of this course, students should understand the relationship between threats and risks, identify threat actors, at-risk individuals, and proxies, and distinguish between normative and tangible harms.