Skip to content

Glossary definition: Dread Model

Dread Model: How Fear Impacts Decision Making

Dread Model: a risk assessment model developed by the security expert Bruce Schneier to help organizations identify and prioritize security threats. The model is based on the acronym DREAD, which stands for Damage, Reproducibility, Exploitability, Affected Users, and Discoverability. Damage refers to the potential harm that a threat can cause to an organization's data or systems, Reproducibility is the ability of an attacker to replicate the same attack, Exploitability is the ease with which an attack can be executed, Affected Users is the number of users that could be impacted by the attack, and Discoverability is the difficulty of detecting the attack. The model is used to help organizations evaluate the risk of a potential threat and prioritize their security efforts accordingly.