O'Reilly logo

Inside Network Security Assessment: Guarding Your IT Infrastructure by David Kim, Michael Gregg

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Reviewing Critical Systems and Information

If your organization has not sufficiently identified its critical information and systems, this is the point where you’re going to want to roll up your sleeves and find out what’s most important. Although there are different ways to accomplish this, the best way we have discovered is to follow the methodology laid out by the National Security Agency (NSA) Information Assessment Methodology (IAM). They have developed a quick and easy way to nail down what is critical. It’s a qualitative type assessment that ranks the system by confidentiality, integrity, and availability. There are two types of criticalities that we will be discussing:

  • Organization Information Criticality Matrix (OICM)

  • Systems Criticality ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required