Assets¶
Assets are the things cybersecurity exists to protect, govern, and make resilient.
Definition¶
An asset is anything with value to an organization, mission, customer, employee, regulator, or stakeholder.
Common asset families¶
| Asset family | Examples |
|---|---|
| Identity | Users, service accounts, privileged roles, groups |
| Data | Customer data, intellectual property, logs, secrets |
| Application | SaaS, internal apps, APIs, mobile apps |
| Endpoint | Laptops, servers, mobile devices, IoT |
| Cloud | Accounts, subscriptions, storage, workloads |
| Network | Internet edge, private network, DNS, VPN |
| Vendor | Suppliers, service providers, processors |
| AI | Models, prompts, embeddings, training data, agents |
Asset page pattern¶
An asset article should answer:
- Why does this asset matter?
- Who owns it?
- What threats target it?
- What weaknesses commonly affect it?
- What safeguards protect it?
- What evidence proves protection?