An Introduction to Threat Modelling: Modelling Steps, Model Types, Benefits and Challenges

Nitin Naik, Paul Jenkins, Paul Grace, Dishita Naik, Shaligram Prajapat, Jingping Song

Research output: Unpublished contribution to conferenceUnpublished Conference Paper

Abstract

The proliferation of cybersecurity threats is posing substantial security risks to organisations; therefore, it requires robust countermeasures and defence mechanisms for organisational IT systems, applications and data. Threat modelling is a process of identifying, analysing, prioritising and mitigating cybersecurity threats and their associated vulnerabilities in a system or network. Understanding the threat modelling process, as well as its benefits and limitations, whilst selecting an appropriate threat modelling method that may assist cybersecurity experts in their comprehensive security assessments. The assessments are designed to uncover security gaps and potential threats, to develop robust countermeasures against these potential threats and strengthening the security of organisational IT systems, applications and data. This paper will present a comprehensive study concerning threat modelling including the phases involved in threat modelling, types of threat models, benefits and challenges of threat modelling. Therefore, this comprehensive study concerning threat modelling will simplify the essential terminologies of threat modelling to users in a clear and concise manner.
Original languageEnglish
Number of pages12
DOIs
Publication statusPublished - 28 Oct 2024

Fingerprint

Dive into the research topics of 'An Introduction to Threat Modelling: Modelling Steps, Model Types, Benefits and Challenges'. Together they form a unique fingerprint.

Cite this