High Value Target Design Principles
- The methodology focuses on inherent impact, hence on these attributes that are intrinsic to the object* itself and do not depend on mitigating controls in place;
- The attributes of each object are subject to change, hand in hand with major technological progress or evolution of cyber adversaries’ sophistication;
- The methodology provides quantitative measures in terms of low / moderate / high value that an adversary aims to seek for and then leverage;
- The methodology produces an outcome in form of a label which can be intended as a binary value about whether the object is or isn’t a High Value Target;
- The methodology is an evolvable product which could be leveraged in a multitude of contexts like risk assessments, threat modeling, security operations and more;
- The High Value Target objects and attributes are for the community hence feedback is encouraged and considered in order to strengthen the methodology and ensure fit-for-use;
- The High Value Target methodology is an extension of authoritative publications ranging from NIST, MITRE, WEF and more. It is not meant to be a proprietary framework of its own.
* An object can be an asset (system, application), role, third party, data.

