ID.RA-03 - Recognizing Internal and External Threats
ID.RA-03 involves identifying and documenting threats—both internal, like insider risks, and external, like cyberattacks—that could impact the organization. This process uses threat intelligence and hunting techniques to pinpoint actors and tactics likely to target operations or assets. Recording these threats ensures a comprehensive threat profile for risk planning.
This subcategory enhances situational awareness by focusing on threats specific to the organization’s context, enabling tailored defenses. It supports proactive measures, such as monitoring for signs of compromise within the environment. ID.RA-03 builds a foundation for understanding the full spectrum of potential dangers.
