Adversary Personas

Difficulty Level:

Method Overview

Adversary Personas is an interactive role-playing game, designed for industry teams to critically engage and  think broadly and creatively about potential cybersecurity threats. (Daylight Security Research Lab, 2019)

Framework of ethics used:



Method Intentions:

Getting Started

You will need:

Materials: adversary persona card deck (download here

Participants: a team of 2-10 people 

Steps (Daylight Security Research Lab, 2019):

  1. Write down a list of things you want to protect
  2. Identify who your adversaries are
  3. Generate a list of needs of adversaries
  4. Respond to the list of needs of adversaries
  5. Discover existing and unexpected resources adversaries have at their disposal
  6. Role-play adversary personas and map out attackers’ needs or desires

    Further Reading

    Adversary Personas


    Nick Merrill and Joanne Ma. [n.d.]. Adversary Personas. Retrieved February 22, 2022, from

    This methods microsite is based off of analysis which is available in a preprint manuscript. Feel free to review our methodology and other details! We welcome your comments and feedback ! Please also use this form if you would like to suggest a method as an addition to the collection!