High Value Target Design Principles

  1. The methodology focuses on inherent impact, hence on these attributes that are intrinsic to the object* itself and do not depend on mitigating controls in place;
  2. The attributes of each object are subject to change, hand in hand with major technological progress or evolution of cyber adversaries’ sophistication;
  3. The methodology provides quantitative measures in terms of low / moderate / high value that an adversary aims to seek for and then leverage;
  4. The methodology produces an outcome in form of a label which can be intended as a binary value about whether the object is or isn’t a High Value Target;
  5. The methodology is an evolvable product which could be leveraged in a multitude of contexts like risk assessments, threat modeling, security operations and more;
  6. The High Value Target objects and attributes are for the community hence feedback is encouraged and considered in order to strengthen the methodology and ensure fit-for-use;
  7. The High Value Target methodology is an extension of authoritative publications ranging from NIST, MITRE, WEF and more. It is not meant to be a proprietary framework of its own.

* An object can be an asset (system, application), role, third party, data.
Search
IzzyWebsite AI Website Builder Website made with Kopage Build a Free Website