Asset criticality | Trend Micro Service Central

Views:

Asset criticality indicates the importance of an asset to your organization's operations.

An asset is considered critical if its compromise causes severe consequences such as business interruption.

Attack Surface Risk Management uses criticality information to calculate asset risk scores. Two assets with the same risk events and different criticality levels are not assigned the same risk scores and should therefore be managed differently.

When assigning criticality levels, Attack Surface Risk Management considers significant profile tags that are derived from data collected by connected sources. Asset criticality levels are evaluated daily.

You can manually assign a custom criticality for assets if you think that the system-defined value is inaccurate. When viewing the criticality of an asset, click Modify Criticality to select a custom criticality. You can also revert to using the system-defined criticality at any time.

Important

Connect to as many data sources as possible so that Attack Surface Risk Management can obtain the profile tags required to determine asset criticality. For more information, see Configuring data sources.

The following table outlines the main asset criticality concepts.

Information	Description
Criticality level	Determined by significant profile tags and used to calculate asset risk scores High criticality assets are essential to your organization's operations and are likely to be targeted by threat actors. Compromise of such assets can cause business interruption and other severe consequences so prioritize these assets when implementing risk control measures. Medium criticality assets are fairly important to your organization's operations and may attract the attention of threat actors. Compromise of such assets can cause some business impact, but not to the same degree of severity as compromise of high criticality assets. Low criticality assets have minimal operational value and do not require close monitoring. Compromise of such assets usually cause very minor effects on infrastructure and business operations.
Profile tag	Extracted from data collected by connected data sources Profile tags that are considered significant are used to evaluate criticality levels. For more information, see Asset profile tags.

You can view and manually modify the criticality of assets in the following locations:

Location

Description

Asset lists

Example: Attack Surface Discovery → Accounts → Domain accounts → Domain Account List

Accounts marked with star icon are highly critical to your organization. Clicking the icon opens a window that contains asset criticality information.

Asset details screen

Clicking the name of any asset opens a details screen that includes the Asset Profile tab, which displays the following information:

Criticality level
Significant profile tags
Full list of profile tags

Tip

Click a profile tag to view information available for that tag.