Threat Modeling is not the Same as Threat Mapping
There’s a belief in the security community that if you’re doing threat mapping, you don’t need to do threat modeling. The idea is that threat mapping is just as good as, or at least takes the place of, threat modeling. It’s true they are both a formalized way to...
Don’t Let Failing Banks Distract You from Cyber Threats
Human beings and organizations suffer from a cognitive condition known as recency bias. Recency bias “is a cognitive bias that favors recent events over historic ones. It is the tendency to place too much emphasis on experiences that are freshest in your memory—even...
Does the New National Cybersecurity Strategy Make Threat Modeling Essential?
Are you aware of the National Cybersecurity Strategy announced by the Biden-Harris administration on March 2, 2023? Well, if you develop software, you better be. The goal of the strategy is for the U.S. Government to take the lead in creating a safe and secure digital...
