ENISA | Threat Actor | Damage (D) | Reproducibility (R) | Exploitability (E) | Affected Users (A) | Discoverability (D) | Overall Rating | Severity |
Cybercriminals | 8 | 7 | 9 | 9 | 6 | 7.8 | High | |
Nation-states | 9 | 6 | 8 | 9 | 3 | 7 | Medium | |
Insider Threats | 7 | 5 | 6 | 6 | 9 | 6.6 | Medium | |
Supply Chain | 8 | 7 | 8 | 9 | 6 | 7.6 | High | |
NIST | ||||||||
Cybercriminals | 8 | 5 | 5 | 8 | 5 | 6.2 | Medium | |
Nation-states | 9 | 4 | 8 | 8 | 4 | 6.6 | Medium | |
Insider Threats | 8 | 4 | 6 | 7 | 8 | 6.6 | Medium | |
Supply Chain | 7 | 8 | 8 | 8 | 5 | 7.2 | High | |
OTT | ||||||||
Healthcare-specific Threats | 7 | 7.5 | 6 | 6 | 9 | 7.1 | High | |
Industrial Control Systems | 8 | 7.5 | 8 | 9 | 6 | 7.7 | High |