Common Goals: Measure and observe ...
A threat’s ability to access to common and restricted areas (physical)
- What ability does a threat have to access common areas?
- What ability does a threat have to access restricted areas?
- Can a threat use access gained to enable cyber capabilities?
- What impacts can a threat have through gained access?
A threat’s ability to access key/critical systems
- Can a threat access key/critical systems?
- What impacts can a threat have on key/critical systems?
A threat’s ability to move freely throughout a network
- What ability does a threat have to freely move throughout a network?
A threat’s ability to gain domain wide and local administrative access?
- What ability does a threat have to gain local administrative access?
- What ability does a threat have to gain domain administrative access?
- What ability does a threat have to gain elevated access?
A threat’s ability to access or identify sensitive information
- What ability does a threat have to access sensitive information?
- What ability does a threat have to identify sensitive information?
A threat’s ability to exfiltrate data outside an organization
- What ability does a threat have to exfiltrate data outside an organization?
- How much data must be exfiltrated to impact an organization?
A threat’s ability to act undetected for a given time frame
- How long can a threat go undetected?
- Can a threat achieve its goals undetected?
- What must a threat do to stimulate a reaction from an organization?
A threat’s ability to perform operational impacts
- What impacts can a threat perform against an organization?
- How can a threat affect X?