Getting Started

The NextWare Cyber Collaboration Toolkit is designed to be a flexible resource that allows users to engage with digital and static tools and provides a foundation for addressing challenges ranging from isolated cyber incidents to sector-wide attacks. The Toolkit allows a user or team of users to assess their cybersecurity interests and visualize their findings in a presentation-based narrative for cybersecurity decision-makers.

Users do not have to follow a linear process and can choose to start with any of the three core, digital tools offered in the Generate Visualizations section: the Threat Assessment Graph, the Issue Scoping Chart, or the Impact Over Time Graph. It is recommended that users begin with the Threat Assessment Graph, which will help them define their threat landscape and build context supporting the use of the remaining tools. In the Resources section, the Toolkit also offers two static tools that further explore stakeholders’ interests: the Stakeholder Map and the Interest Area Scale. All of the tools are accompanied by a how-to section explaining their purpose, methodology, and analysis and allow users to easily download the visuals they create. The Resources section also offers examples of completed versions of the tools and additional links to external resources if the user chooses to explore cybersecurity issues in more depth.

Before you Begin

The tools presented in the Toolkit guide users through methods in which they conduct preliminary threat assessments and stakeholder analyses in order to determine an effective course of action to improve their cybersecurity. Before engaging with the tools, users should conduct informal brainstorming activities or carry out more formal research in order to understand their cyber threat landscape and identify their stakeholders.



Each of the tools presented in the NextWare Cyber Collaboration Toolkit can be utilized at varied levels of methodological and analytical rigor:


At this level, an individual user engages directly with the toolkit and conducts informal, qualitative research or data collection over a short period of time–from hours to a few days. This level of methodological and analytical rigor is useful for internal purposes and supports those looking to make a case for further assessment of cybersecurity methods within their organization.

Small Team

At this level, a select group engages directly with the toolkit and conducts informal, qualitative research and data collection over a longer period of time–from a few days to several weeks. This level of methodological and analytical rigor is useful for internal purposes and supports the development of an action plan for improving cybersecurity methods within an organization.

Large Team

At this level, users may choose to convene a large team or contract an outside organization to conduct formal, qualitative and quantitative research and collect data based on the Toolkit. This could include surveying stakeholders to determine their interests, motivations, or power, collecting cyber threat intelligence, or assessing the organization’s risk. This level of methodological and analytical rigor is useful for identifying specific solutions to cyber challenges and may produce data generalizable to the industry or sector level.


Following are some suggestions and additional resources to help users understand their cyber threat landscape and identify stakeholders:

The Cyber Threat Landscape

Cybersecurity involves a complex and constantly shifting threat landscape. Understanding the character and severity of possible threats is critical to implementing appropriate and effective cybersecurity solutions. The following chart provides a broad overview of the cyber threat landscape and identifies key elements important to conducting threat assessments:

View/Download the Threat Landscape Chart

Stakeholder Identification

For the purposes of this Toolkit, a stakeholder is any person, group, or organization that is directly or indirectly affected by or has an interest in the outcome of an isolated cyber incident or ongoing attacks against the user’s organization. This definition intentionally takes into consideration a wide range of stakeholders in order to encourage broadly focused, multi-disciplinary analysis of cybersecurity challenges. When identifying stakeholders, it is useful to consider them as part of a category or group based on characteristics such as their interests, sector, or discipline.

Stakeholder lists will be mostly unique from one user to the next but some stakeholders may remain constant. The graphic provided below describes Federal cybersecurity roles and will help users identify potential stakeholders in the U.S. government:

View/Download Federal Cybersecurity Roles 


After analyzing the output from the tools, users should be able to draw conclusions about their cybersecurity needs, identify potential partnerships, and propose specific actions to improve their cybersecurity. In the Drawing Conclusions section, the Toolkit provides a framework for this analysis and offers a template for presenting conclusions and making the case for cyber collaboration to decision-makers.