The Center for Education and Research in Information Assurance and Security (CERIAS)

Teaching and Assessing Threat Modeling Competence in Software Courses using Systems Thinking

Principal Investigator: Jamie Davis

Computing systems face diverse and substantial cybersecurity threats. To mitigate these threats while developing software, engineers need to be competent in threat modeling. In industry and academia, there are many frameworks for teaching threat modeling, but our analysis of these frameworks suggests that (1) they tend to focus on component-level analysis rather than educating students to reason holistically about a system’s cybersecurity, and (2) there is no rubric for assessing a student’s threat modeling competency. To address these concerns, we propose using systems thinking, in conjunction with popular and industry-standard threat modeling frameworks like STRIDE, to teach and assess threat modeling competency. Prior studies suggest a holistic approach like systems thinking can be suitable for understanding and mitigating cybersecurity threats. Therefore, our goal is to develop learning modules for threat modeling through the lens of systems thinking, as well as rubrics to assess STRIDE threat modeling performance and systems thinking performance while conducting STRIDE. At the moment, we are collaborating with the company ThreatModeler to develop an online certification in threat modeling.

Personnel

Other PIs: Kirsten A. Davis (Engineering Education)

Representative Publications

  • Introducing Systems Thinking as a Framework for Teaching and Assessing Threat Modeling Competency.
    Joshi, Mukherjee, Davis, and Davis.
    Annual Conference of the American Society for Engineering Education (ASEE’24) 2024.

Keywords: Engineering education, Pedagogy, Software engineering, Systems thinking, Threat modeling