Knowing your enemy:
1. Know threat actors and Possible threats;
2. The ways of imposing these threats.
3. Knowing yourself:
4. Know your vulnerabilities (e.g. your cybersecurity knowledge and skills);
4. Know your organizational digital systems’ vulnerabilities.