Flagship Framework
High Value Targets are the systems, roles, third parties, and data collections that advanced adversaries pursue because compromise creates outsized operational impact.
Why HVT
HVT analysis extends standard business-impact thinking with the attacker's perspective, so resilience investments follow the assets most likely to amplify disruption.
High Value Targets are information systems, roles, third parties, and data for which unauthorized access, use, disclosure, disruption, modification, or destruction would significantly affect an organization's ability to perform its mission.
They often contain sensitive controls, unique concentrations of trust, critical recovery capabilities, or defensive functions that attackers can weaponize to expand blast radius.
In practice, HVTs frequently cut across traditional crown-jewel thinking by emphasizing attacker value, dependency spread, and mission survivability.
Current cyber resilience and business-impact analysis practices often lack a clear method for determining the value an advanced adversary places on specific targets.
By identifying HVTs, organizations can prioritize defensive investment without over-protecting some assets and under-protecting others.
Once HVTs are identified, secured, and governed continuously, the organization's cyber resilience posture becomes more measurable, more targeted, and more defensible.
Framework foundation
Expert perspective
"The High Value Target methodology is exactly what organizations and their leaders need to be thinking about as they seek to defend themselves, their critical infrastructure and their business."
"It is no longer good enough to try to defend everything. If you try to defend everything, you defend nothing."
This is the direction resilience programs need to move, and High Value Target provides a practical path.
John Felker
Former Assistant Director, United States Cybersecurity and Infrastructure Security Agency (CISA)
Critical infrastructure targets tied directly to mission continuity.
Control-plane targets containing sensitive configurations and instructions.
Cyber-defense targets providing protective, investigative, or response capabilities.
Informational-value targets containing data or trust relationships with outsized importance.
Business world
Cyber resilience is the ability of an organization to transcend stresses, failures, hazards, and threats to cyber resources so the organization can confidently pursue its mission and maintain its desired way of operating.
Technical world
From a technical perspective, cyber resilience extends cybersecurity by emphasizing the ability to anticipate, withstand, recover from, and adapt to adverse conditions, attacks, or compromises on cyber resources.
High Value Target methodology is grounded in NIST 800-160 and MITRE CREF, connecting those standards to practical prioritization of critical assets.
Cyber resiliency engineering is intended to help reduce mission, business, organizational, enterprise, or sector risk of depending on cyber resources. High Value Target operationalizes that idea by making critical-asset prioritization explicit and adversary-aware.
The Cyber Resilience Officer should be accountable for the organization's ability to manage cyber resilience and for ensuring HVTs are identified, protected, assessed, and governed.
That role requires direct board access, authority over resilience priorities, and the resources necessary to coordinate strategy, training, and enforcement.
The responsibilities must be formally defined, documented, and operationalized so HVT knowledge is preserved beyond individual teams or incidents.
