target-subcategory-vocab
Blueprint Plans (1.1.1)
Schematics for facility layout, products, or devices
Facilities (1.1.2)
Buildings, offices, areas of buildings, or functions of buildings (such as disabling a door)
Physical Products (1.1.3)
Tangible objects owned or managed by the organization
Product Information (2.1.1)
Information about products or services offered by the organization
Proprietary Information (2.1.2)
Information that gives the organization a competitive advantage, such as trade secrets, formulas, designs, or processes which could be exposed or sold to a competitor
Business Plans (2.2.1)
Pitches or anything having to do with the everyday course of business
Business System (2.2.2)
System which the organization requires to operate the business
Commerce information (2.2.3)
Data related to the organization’s business dealings, such as customer lists, pricing strategies, supplier contracts, or marketing plans
Contract Information (2.2.4)
Information related to legal agreements made between the organization and other organizations or individuals such as employees or contractors
Design and Plans (2.2.5)
Product design or information for a business plan
Payroll Information (2.2.6)
Data relating to employee salaries, benefits, and tax information
Classified Information (2.3.1)
Information that is restricted by the government for reasons of national security
Sensitive Information (2.3.2)
Data that could cause harm to the organization or its stakeholders if leaked or misused
Accounting Records (3.1.1)
Records tracking money, inventory, or purchases
ATM Withdrawal (3.1.2)
Money that withdrawn from an ATM
Bank Account Information (3.1.3)
Bank account information for a peculiar person or entity
Bitcoin (3.1.4)
Money in the form of virtual currency
Company Funds (3.1.5)
Monetary assets used for financing operations and initiatives of the organization
Gift Cards (3.1.6)
Money in the form of prepaid debit cards for use at a specific vendor
Invoices (3.1.7)
Money in the form of receiving funds from fraudulent invoices
Issued Checks (3.1.8)
Money in the form of receiving funds from fraudulent checks
Loan (3.1.9)
Money in the form of temporary funds given with the expectation of being repaid with interest
Physical Currency (3.1.10)
Money in the form of tangible paper bills, coins, or other means of circulation that holds direct monetary value
Refunds (3.1.11)
Money in the form of reimbursements for returend goods or services
Reimbursement Forms (3.1.12)
Information related to reports of incurred transaction expenses
Tax Information (3.1.13)
Tax forms, documentation, or identifiers
Time Sheets (3.1.14)
Digital or analog forms for employees to report hours worked
Client List (4.1.1)
Listing of organizations or individuals which are provided services by the organization
Customer Data (4.1.2)
Information about customers or provided by customers
Immigration Records (4.1.3)
Records of individuals who are unaturalized immigrants
Credit Card Information (4.1.4)
Information relating to a credit card such as the card number, the cardholder’s name, when the card expires, and the card’s security code
Insurance Claims (4.1.5)
Information relating to monetary claims made in request to an insurance policy
Employee Data (4.2.1)
Information about employees or belonging to employees of an organization
Driver’s license (4.3.1)
Information related to a legal identification that provides a permit to operate a motor vehicle
Personal Photos (4.3.2)
Images of a personal nature or unrelated to the organization’s business
PII (4.3.3)
Sensitive information that can be used to identify an individual
PHI (4.4.1)
Sensitive information that is indicative of an individual’s health condition
Medicare/Medicaid (4.4.2)
Information related to health insurance provided by the state to the elderly or financially limited populations
Prescription Medication (4.4.3)
Iinformation that relates to doctors notes permiting the purchase of controlled medical substances
Prescription Pads (4.4.4)
Secured stationery notes that doctors use for writing prescriptions
Self (4.5.1)
The insider is targeting themself
Others (4.5.2)
Indivdual or individuals other than the insider
Backup Data (5.1.1)
Data that can be used to restore a system or dataset if it becomes compromised
Backup Tapes (5.1.2)
Stored backup data copied to a tape cartridge
Database (5.1.3)
Structured electronic digital information repository
Email Servers (5.1.4)
Systems used to host and deliver email services
FTP Servers (5.1.5)
Systems which allow the exchange of files between two or more computers
Network Configuration (5.1.6)
Routing or network access configuration
Network Login Information (5.1.7)
Information related to access credentials for a network
Servers (5.1.8)
System(s) which host information or digital services for end users
System Access (5.1.9)
Accounts, pathways, tunnels, or backdoors for future use of a particular system or systems
Website Hosting (5.1.10)
System(s) for delivering websites over the internet
Computer (5.1.11)
Non-server computer such as a desktop or laptop
Mobile Device (5.1.12)
Laptop, tablet, or mobile phone
Backup Software (5.2.1)
Software designed to create copies of data for safe storage
Software Policy Protocol (5.2.2)
Rules developed by an organization for the ideal deployment of a software
Source code (5.2.3)
Underlying codebase for a product or system
Unreleased Software (5.2.4)
Software that has not yet been made available
Login Information (5.3.1)
Credentials used for access to a technological system
Passwords (5.3.2)
Access credentials in the form of a text string
Emails (5.4.1)
Electronic communications in the form of static messages shared to specified user addresses via a network
Telecommunication Systems (5.4.2)
Networks that facilitate digital or voice communications
Mobile Phone (5.4.3)
Mobile phone (cell phone)