The Threat Modeling Podcast

By: Chris Romeo
  • Summary

  • Chris Romeo is going on a journey. A journey to understand threat modeling at the deepest levels. He thought he understood threat modeling but realized he could go deeper. Chris shares his findings and talks with some of the best-known experts in the space to experience continuous learning. Join along for the ride -- you will learn something.

    Chris Romeo is the CEO of Devici (THE Threat Modeling Company) and a General Partner at Kerr Ventures.

    © 2024 The Threat Modeling Podcast
Episodes
  • Nandita Rao Narla -- Privacy Threat Modeling
    Jan 24 2024

    Nandita Rao Narla introduces the basics of privacy in software. She discusses privacy threats, privacy threat modeling, and privacy by design. If you write or handle software that touches user information, you need to understand privacy, how to assess and mitigate privacy concerns, and when to implement privacy concerns into a design. This episode of the Threat Modeling Podcast is the perfect primer to raise awareness of the critical role privacy concerns should play in your next project.

    Helpful Links:
    Daniel J. Solove's "A Taxonomy of Privacy":  https://scholarship.law.gwu.edu/cgi/viewcontent.cgi?article=2074&context=faculty_publications
    8 mins
  • Akira Brand -- Gaining Experience by Threat Modeling
    Sep 28 2023

    Akira Brand joins Chris to talk about her journey into threat modeling, her early experiences, some lessons learned, and how she knew her threat model was successful. Akira's experiences emphasize the importance of collaboration, understanding the application, and using tools and diagrams to aid the process.

    Akira is a visual thinker and draws parallels between surgical checklists and the STRIDE model. Akira emphasizes the importance of a comprehensive approach, likening the STRIDE model to a surgeon's checklist that ensures all potential threats are addressed.

    In her initial foray into threat modeling, she identified a significant security risk due to excessive permissions in an application. To understand and address this, she delved deep into the application's architecture, relying on data flow diagrams and a hands-on approach rather than a purely theoretical one.

    Akira's story underscores the power of collaboration. Her challenges were overcome by the combined efforts of teams from engineering, data analytics, and security. She believes that the true measure of success in threat modeling is when diverse teams come together to create holistic security solutions.

    12 mins
  • Dr. Michael Loadenthal -- Intersectional, Harm Reduction Approach to Threat Modeling
    Aug 24 2023

    Dr. Michael Loadenthal specializes in threat modeling beyond the conventional realm of technology. Companies today face multifaceted challenges, including political, legal, and technical threats. Solutions to these problems can also be varied. A comprehensive threat model should consider many dimensions, such as political, legal, ethical, and social. Whether advising activist groups or high-profile individuals, Dr. Loadenthal emphasizes a comprehensive understanding of the threat landscape and the development of context-specific solutions.

    Dr. Loadenthal's unique approach to threat modeling is rooted in his early involvement in social movements and activism. He noticed that groups often faced many non-technical threats, such as legal, social, and political challenges. This realization led him to develop "intersectional threat modeling," which considers a broader spectrum of threats beyond just the technical.

    Based on his diverse training and experience, Dr. Loadenthal emphasizes the importance of a multidisciplinary approach. He collaborates with a diverse team of specialists, including advisors and the clients themselves, to address complex challenges. Threat modeling works best with a team, and he discusses ways this works for him.

    One of the tools in Dr. Loadenthal's multidisciplinary toolbox is the mind map. A mind map can show relationships between threats and lead to integrated solutions that address multiple problems together. A tool he likes to use from outside the tech industry is the harm reduction framework, a concept borrowed from public health. This approach acknowledges the inherent risks in various activities or systems but seeks to minimize the potential harm. Dr. Loadenthal explains how he applies the harm reduction framework to threat modeling. He shares practical examples of companies, non-profits, and high-profile individuals who all benefit from the broader perspective of his intersectional threat modeling.

    19 mins

What listeners say about The Threat Modeling Podcast

Average customer ratings
Overall
  • 4 out of 5 stars (5 Stars: 0, 4 Stars: 1, 3 Stars: 0, 2 Stars: 0, 1 Stars: 0)
Performance
  • 4 out of 5 stars (5 Stars: 0, 4 Stars: 1, 3 Stars: 0, 2 Stars: 0, 1 Stars: 0)
Story
  • 4 out of 5 stars (5 Stars: 0, 4 Stars: 1, 3 Stars: 0, 2 Stars: 0, 1 Stars: 0)

  • Overall
    4 out of 5 stars
  • Performance
    4 out of 5 stars
  • Story
    4 out of 5 stars

Great information for Threat Modeling looking for

Good information broken down to make understandable
I am definitely looking forward to more episodes
