The Balanced Attacker Model (BAM) card deck consists of 10 attackers, 18 assets, the 23 NIST cybersecurity framework categories, and six risk categories. This deck uses the NIST Critical Infrastructure Framework to address a number of concepts, including:

Threat Modeling | Loss Scenario Iteration | Tradeoff Analysis | Risk Appetite | Resource Scarcity | Risk Management | Resiliency | Layered Defense | Defense-in-Breadth | Defense-in-Depth

Brand customized decks are also available for in-house risk management training.