ABSTRACT
Digital assets are the business assets that cyber-criminals compromise. During a cyber-attack, malware, typically a virus or worm, is inserted. Malware is software that is intended to damage or disable computers and computer systems. A computer virus is malicious software that embeds itself in a type of executable software (including the operating system) on the target system without the user's knowledge and consent. When it is run, the virus is spread to other executables. On the other hand, a worm is stand-alone malware software that actively transmits itself over a network to infect other computers.
Some malware is designed to steal data. When this happens, we have a data breach. A data breach is the release of secure or private/confidential information to an untrusted environment. In this case, confidentiality is compromised. Additionally, when unauthorized individuals gain access to digital assets, integrity can also be compromised.
Other types of malware are designed to encrypt the file servers and infrastructure causing a business interruption. When businesses are interrupted via ransomware or denial of service attacks, availability is compromised. Understanding the digital assets, quantifying their exposures, and measuring their risk will put us on the path to increasing cyber resiliency. Cyber resilience refers to an entity's ability to continuously deliver the intended outcome despite adverse cyber events.
