PRIORITIZATION TABLE
Below are examples of prioritization. You are free to define your own system. The goal here is to establish an order of action based on clear and justified criteria.
EXAMPLES OF PRIORITIZATION TABLES
Example 1:
Your industry and country
1
Your industry only
2
Your clients' domains
3
Explanation: If an attacker group targets your industry in your country, it is more likely to target you compared to a group that only targets one of your clients' domains.
Example 2:
Your industry and country
P1
Your industry
P2
Several clients' industries
P3
A single client's industry
P4
Related to an enemy country
P5
Explanation: This matrix provides additional granularity regarding the threats targeting your clients (who can be an attack vector against you) as well as a geopolitical dimension.
Example 3:
You can also integrate the domains targeted by an attacker (corporate, mobile, industrial) to define a priority level based on the threat they represent and the ease with which they could infiltrate your information system.
Last updated