Functional Assets & Pillars

Attack SurfaceBusiness Attack SurfaceTechnical Attack SurfaceDigital Presence Threat ManagementThreat and Risk AnalysisDigital Risk Protection
Written By Threat NG Staff

Securing and monitoring digital presence can overwhelming. Once people dig into their digital presence across the dark, deep, and open web, they see how enormous it is and feel lost, hopeless, and ultimately give up on the whole effort. If they do take action, we have seen people employ a whack-a-mole style approach that can be costly and ineffective.  

ThreatNG empowers individuals to secure their online assets and helps organizations make sense of all the data points.  We do this by breaking down online assets into four easy-to-understand "functional areas": Technical, Strategic, Operational, and Financial.  

Technical

Technical is concerned with unpatched vulnerabilities, coding inconsistencies, and application/infrastructure misconfigurations with applications, services, and IT Infrastructure.  Any unsecured vector presents opportunities for adversaries to gain access, evade defenses, and escalate privileges into an organization.

Strategic

Strategic is concerned with Industry/Trade/Market Behavior and Reputation. Mismanagement of Strategic assets can lead to issues in security (e.g., Social Engineering Attacks), brand/reputation management (e.g., Inconsistencies and Non-Compliance), and business operations.

Operational

Operational is concerned with business operations (R&D, IT, environmental, social, and governance), legal workings (contracts, disputes, intellectual property, blocklists), and human resources (compensation and employment contracts).  Mismanagement of operational assets can lead to risks in sensitive data exposures, technical threats to the organization (and third parties), and the overall infrastructure.

Financial

Financial focuses on financial systems, statements (internal and external), management reports, business plans, financing information, and tax documentation.  Mismanagement of Financial digital presence can lead to issues ranging from fraud to non-compliance with industry/regulatory regulations. 

Breaking down digital presence into four functional areas allows us to understand and prioritize digital presence threat and risk management efforts.






Threat NG Staff
Previous

DarcRadar: Cyber Risk Appetite Definition & Scoring
Next

ThreatNG Threat and Risk Analysis [TaR]