A.4. Technology Vulnerability Evaluation Results and Recommended Actions
Once we identified the critical assets and the threats to those assets, we identified key infrastructure components to evaluate for technology vulnerabilities as part of phase 2 of the OCTAVE Method. This section summarizes our results and specific recommendations based on the results of phase 2. The summary provides a snapshot of how MedSite is managing its technology vulnerabilities.
Figure A-16 shows a high-level map of our computing infrastructure. As a part of the OCTAVE Method, we identified systems of interest for each critical asset and looked at access paths to identify key classes of components. From this, we selected specific instances of the key classes to evaluate ...
Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.