An excellent series of blog posts by Microsoft’s Larry Osterman about threat modeling with links to all 13 posts is here. Someone who signed comment as Bill Gates (it might be real Bill?) wrote:
Larry, keep up the good work, I wish we had more people like you in Redmond.
This series of posts is pretty long, detailed, and complicated, but well worth reading.