In the Cyber Prep methodology, an organization determines its target level of preparedness against cyber threats, including the advanced persistent threat, based on its assessment of the level of the adversary it faces.
How Do You Assess Your Organization's Cyber Threat Level?
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
In the Cyber Prep methodology, an organization determines its target level of preparedness against cyber threats, including the advanced persistent threat, based on its assessment of the level of the adversary it faces. That is, an organization calibrates its cyber security measures, as well as its cyber security governance, to its cyber threat. Cyber Prep characterizes the cyber threat in terms of an adversary's level of capability, intent, and targeting. However, many adversaries demonstrate a mixture of levels. Organizations can differ in how they account for such adversaries. Those differences reflect an organization's attitude toward the advanced cyber threat. A set of anchoring examples illustrates how different attitudes can result in different assessments of adversary level.