Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  4. Threat understanding

Threat understanding

Skill Definition

Threat understanding encompasses evidence-based knowledge, including context, about an existing or emerging threat to assets that can be used to inform decisions.

Awareness

  • Describes specific threats and how they may manifest themselves in a local environment
  • Maintains understanding of local threat environment and can apply to inform and provide context for wider activities
  • Uses local threat information in decision-making and planning
  • Demonstrates knowledge of current threats and trends affecting the landscape

Working

  • Interprets sources of threat information for the local environment and applies knowledge of the external environment
  • Maintains understanding of local and strategic threat environments, and trends affecting the landscape, and can apply to inform and provide context
  • Uses local and strategic threat information in decision-making and planning
  • Communicates tailored threat information to relevant local stakeholders within the organisation

Practitioner

  • Proactively identifies, interprets and leverages a range of relevant sources of threat information, using a variety of techniques, to understand the threat environment (local and strategic), including its nature, capability, focuses of interest and other factors associated with relevant threats
  • Uses lessons learned to maintain an understanding of the organisation’s attack surface, and uses local and strategic threat information in decision-making and planning
  • Communicates tailored threat information to relevant senior stakeholders across multiple sites and/or business functions
  • Combines external threat information, organisational context and situational awareness to provide a holistic threat understanding capability

Expert

  • Uses a range of techniques and sources to develop, maintain and direct an understanding of the operating threat environment, including its nature, capability, focuses of interest and other factors associated with relevant threat sources/threat actors
  • Combines external threat information, organisational context and situational awareness to provide a holistic threat understanding capability, including the use of threat models
  • Communicates tailored threat information to relevant senior stakeholders at the board level across multiple sites and/or business functions
  • Combines external threat information, organisational context and situational awareness to provide a holistic threat understanding capability to teams and organisations

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now