threat model The second biggest trap in information risk management. A model CISOs can use to measure and report the level of assurance being delivered by their technical security products and controls as part of a robust cyber defense. Erick Rudiak 7 Jun 2018 · 12 min read