Asset Criticality

Asset criticality indicates the importance of an asset to your organization's operations.

An asset is considered critical if its compromise causes severe consequences such as business interruption.

Risk Insights uses criticality information to calculate asset risk scores. Two assets with the same risk events and different criticality levels are not assigned the same risk scores and should therefore be managed differently.

When assigning criticality levels, Risk Insights considers significant profile tags that are derived from data collected by connected sources. Asset criticality levels are evaluated daily.


Connect to as many data sources as possible so that Risk Insights can obtain the profile tags required to determine asset criticality. For more information, see Configuring Data Sources.

The following table outlines the main asset criticality concepts.



Criticality level

Determined by significant profile tags and used to calculate asset risk scores

  • High criticality assets are essential to your organization's operations and are likely to be targeted by threat actors. Compromise of such assets can cause business interruption and other severe consequences so prioritize these assets when implementing risk control measures.

  • Medium criticality assets are fairly important to your organization's operations and may attract the attention of threat actors. Compromise of such assets can cause some business impact, but not to the same degree of severity as compromise of high criticality assets.

  • Low criticality assets have minimal operational value and do not require close monitoring. Compromise of such assets usually cause very minor effects on infrastructure and business operations.

Profile tag

Extracted from data collected by connected data sources

Profile tags that are considered significant are used to evaluate criticality levels.

For more information, see Asset Profile Tags.

You can access asset criticality information in the following locations:



Asset lists

Example: Attack Surface Discovery > Accounts > Domain accounts > Domain Account List

Accounts marked with star icon are highly critical to your organization. Clicking the icon opens a window that contains asset criticality information.

Asset details screen

Clicking the name of any asset opens a details screen that includes the Asset Profile tab, which displays the following information:

  • Criticality level

  • Significant profile tags

  • Full list of profile tags


    Click a profile tag to view information available for that tag.