6.6 Evaluating the cybervulnerability of an organization
|
| < Day Day Up > |
|
Cybervulnerability means far more than just the level of security that an organization has on its own systems. Those details can be addressed through developing an IS security plan and a computer-incident response plan, covered in Action Checklist Number 2 presented at the end of Chapter 2.
A comprehensive look at cybervulnerability includes an examination of what will happen in an organization if its business partners and service providers suffer a debilitating attack. Action Checklist Number 6 (see Table 6.7) shows steps that IT managers can take to evaluate the overall cybervulnerability of their organizations.
| Action Item | Status (e.g., Completed, Pending, or N/A) |
|---|---|
| Evaluate the methods by which the organization communicates and conducts business transactions with suppliers. | |
| Determine the vulnerabilities in the systems used to work with suppliers and develop an action plan to improve security in those systems. | |
| Evaluate the methods by which the organization communicates and conducts business transactions with customers. | |
| Determine the vulnerabilities in the systems used to work with customers and develop an action plan to improve security in those systems. | |
| Evaluate the methods by which the organization communicates and conducts business transactions with service providers. | |
| Determine the vulnerabilities in the systems used to work with service providers, and develop an action plan to improve security in those systems. |
The next chapter focuses on participating in a national cyberspace security response system.
|
| < Day Day Up > |
|
EAN: 2147483647
Pages: 248