Threat Modeling Activity Handout (English, Spanish)
We created two double-sided exercise handouts for Threat Modeling (Risk Assessment). Facilitators should expect to walk through these handouts with learners. We recommend distributing these handouts during a workshop on threat modeling, to give learners exposure to big ideas, and to contextualize what they are learning. Facilitators can ask learners to fill out these handouts as a personal exercise. Then, depending on their comfort level, have participants share how they completed their sections.
We are iterating on this handout, based on testing with participants in workshops, feedback from beginner teachers, and advice from digital security practitioners.
How to Use This Handout
The facilitator should introduce big ideas, such as the main terms (adversaries, risks, assets, threats, and adversary capabilities) and the five main questions of threat modeling. Then, the facilitator can walk participants through the exercise of threat modeling for a jewelry store owner. The facilitator can encourage participants to work quietly for a few minutes on the jewelry store threat modeling questions, and then share back what they answered. What did participants write for each of the threat modeling questions? What are some examples of assets a jewelry store owner may protect, some adversaries, and so on?
If the jewelry store example is inappropriate for your community, consider remixing the handout (which you can edit in slideshow software).
If you are remixing it, consider: what would be more relevant to your participants? What threat models are more familiar to them? For example, what might a fruit vendor need to protect? What might a mother with a five-year-old be concerned about? What might someone protecting their bicycle be concerned about?
Then, have the participants fill out the graph on the back. We’ve included some silly examples, as well as more realistic examples, along the vertical axis for risk and the horizontal axis for threat. What are some scenarios the participants came up with that might fit on this graph?
The second handout encourages learners to threat model for their own individual concerns. Give learners enough time to fill out the handout, guiding them through the different elements: What do they want to protect? Who are their adversaries? (And what would motivate these adversaries? What are their adversaries’ capabilities?) How would their assets be threatened? Then, have them fill out the graph on the back to map their risks to the likelihood of the threat occurring.
Finally, have them answer the remaining questions: What kind of protections make sense in response to the most likely threats? (What are some next steps to better protect themselves and their assets?) Encourage them to also include a date for revisiting their threat model, as threat models change over time.