Exposures

From The Secure Arc Wiki

Jump to: navigation, search
Go to Asset DefinitionGo to Asset ValueYou Are HereYou Are HereYou Are HereYou Are HereYou Are HereYou Are HereGo to Asset VulnerabilitiesGo to Asset ImpactGo to ThreatsGo to Deterrent ControlGo to Detective ControlGo to Preventative ControlGo to Corrective ControlGo to CountermeasuresGo to CountermeasuresGo to CountermeasuresGo to CountermeasuresGo to CountermeasuresGo to CountermeasuresGo to CountermeasuresBack up to Security Controls

The Exposures box encapsulate the Vulnerabilities that can be exploited on Infrastructure Assets, which in turn expose the Information Assets that they either process, transmit or store and are inherently supposed to protect. Each Information Asset has a value to the owning organization and therefore there is an Impact to the organization if one of those Vulnerabilities is exploited. In a somewhat overly simplified one liner, the value of the Information Assets exposed are the driver for the selection of the Countermeasures required to protect them.

The Exposure domain is broken down into the following areas:

  1. Asset Definition
  2. Asset Values
  3. Vulnerabilities
  4. Asset Impact

Everything begins with the Asset Definition phase, so this is a good place to begin.

Navigation

Personal tools