13
Classify Your Data and Assets
This chapter is about classifying your data and assets. We covered classifying data according to the impact level of its loss in Chapter 10. A fully developed mature advanced information security program has an asset inventory and has classified those assets as critical. If you have a large-scale environment, this task can be daunting.
You should start with the assets that have critical data on them. Think about the critical data your company needs to protect and any device, server, or host on which information is processed, transferred, and stored. No problem, right?
In this chapter, we’re going to cover the following main topics:
- Start with your data
- Classifying your assets
- Training
- Monitoring
- Subnetting
Get A CISO Guide to Cyber Resilience now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.