CISA Analysis – FY2021 Risk and Vulnerability Assessments

This report analyzes a sample attack path that a cyber threat actor could take to compromise an organization, using weaknesses identified in FY21 RVAs. The path comprises eleven successive tactics or steps: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, and Exfiltration.

CISA Analysis – FY2021 Risk and Vulnerability Assessments

Join the Industrial Cyber Community