Appendix E – Threat Modeling Reference Matrices
This appendix provides threat modeling tools to identify, score, and manage digital risks across CAR Profiles. It supports Steps 3, 7, and 9 of the 10-Step CARS Digital Privacy Training, and Sections 6, 9, and 10 of the CARS Profile.
🎯 Purpose
- Enable practical, scenario-based Digital Risk & Threat Assessments
- Help users assign consistent Risk Levels to CARs and digital compartments
- Provide reusable templates for mitigation, monitoring, and decision-making
- Clarify how risk propagates across compartments
🔍 CARS Risk Classification Levels
| Risk Level | Description | Potential Impact |
|---|---|---|
| Level 1 | Low Risk – Minimal exposure | Mild inconvenience |
| Level 2 | Moderate Risk – Moderate data/value | Operational disruption |
| Level 3 | High Risk – Sensitive assets | Identity breach, fraud |
| Level 4 | Severe Risk – Strategic importance | Blackmail, targeting |
| Level 5 | Extreme Risk – Catastrophic if exposed | Irreversible damage |
Each CAR should be assigned a primary Risk Level, with optional risk notes for known vulnerabilities, threat likelihood, and mitigation readiness.
🧭 “What Makes You a Target?” Self-Evaluation
CAR Builders are encouraged to reflect on how their identity or activity may increase risk:
- Are you politically active or outspoken?
- Do you manage sensitive data (clients, whistleblowing, crypto)?
- Do you influence others online?
- Could your financial holdings attract unwanted attention?
- Do you work in areas of government, journalism, or activism?
These inputs shape threat profile assumptions.
🔁 Cross-CAR Risk Propagation
CARs are not islands. Risk in one profile can create vulnerabilities elsewhere.
Examples:
- If one CAR is linked to your real name or email, all CARs using that email inherit risk.
- A compromised browser configuration (Vehicle) may affect multiple CARs if reused.
- A risky Destination (e.g. political activity) can draw heat toward unrelated CARs if shared infrastructure is reused.
Use this table to log Cross-CAR Impact:
| Source CAR | Target CAR | Inherited Risk | Notes |
|---|---|---|---|
| Finance01 | Messaging03 | High | Shared cloud storage |
| Activism02 | Persona07 | Moderate | Common browser session |
📋 Threat Matrix Template
| Asset Category | Threat Vector | Mitigation Strategy | Risk Level | Notes |
|---|---|---|---|---|
| Email Account | Credential stuffing | 2FA, strong passphrase | 2 | Rotate every 90 days |
| Hosting Account | Targeted surveillance | Encrypted DNS, VPN tunnel | 4 | Avoid shared IPs |
| Backup Drive | Physical seizure | Local encryption, vault | 3 | Store offsite |
| Phone | SIM-swap + app profiling | No SMS 2FA, hardened setup | 5 | Burner SIM |
🛠 Templates and Worksheets
All included in the companion training workbook:
- Digital Risk Inventory Sheet
- Driver Risk Profile Worksheet
- CAR Risk Linking Map
- Threat Classification Playbook
Each template is reusable for:
- Self-assessment
- AI-powered analysis
- Sharing within trusted groups or SIGs
🔗 Mitigation Alignment Table
| Risk Level | Primary Strategies |
|---|---|
| 1–2 | Hygiene: backups, updates, weak link fixes |
| 3 | Strong auth, encrypted storage, air gaps |
| 4 | Infrastructure segregation, alias layers |
| 5 | Isolation CARs, non-overlapping devices |
“You can’t protect what you haven’t defined. This matrix turns vague fears into practical countermeasures — across your entire fleet of CARs.”