Threat Modeling Data Analysis in Socio-technical Systems
Our decision-making processes are becoming more data driven, based on data from multiple sources, of different types, processed by a variety of technologies. As technology becomes more relevant for decision processes, the more likely they are to be subjects of attacks aimed at disrupting their execution or changing their outcome. With the increasing complexity and dependencies on technical components, such attempts grow more sophisticated and their impact will be more severe. This is especially important in scenarios with shared goals, which had to be previously agreed to, or decisions with broad social impact. We need to think about our decisions-making and underlying data analysis processes in a systemic way to correctly evaluate benefits and risks of specific solutions and to design them to be resistant to attacks. To reach these goals, we can apply experiences from threat modeling analysis used in software security. We will need to adapt these practices to new types of threats, protecting different assets and operating in socio-technical systems. With these changes, threat modeling can become a foundation for implementing detailed technical, organizational or legal mitigations and making our decisions more reliable and trustworthy.
READ FULL TEXT