Interdependencies between essential and important entities
ENISA Interdependencies Indicators Tool
NIST Cybersecurity Framework Description | EXAMPLE OF IMPLEMENTATION |
---|---|
Newly identified vulnerabilities are mitigated or documented as accepted risks
Activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident. |
Identified vulnerabilities are documented in order to improve response time for such resilience in the future |
Recovery plans incorporate lessons learned
Recovery planning and processes are improved by incorporating lessons learned into future activities. |
Lessons learned aim at improving response time for such resilience in the future |
Software platforms and applications within the organisation are inventoried
The data, personnel, devices, systems, and facilities that enable the organisation to achieve business purposes are identified and managed consistent with their relative importance to organisational objectives and the organisation’s risk strategy. |
Inventory of systems and application provides with an enterprise architecture that helps to localize resilience areas |
Vulnerability scans are performed
The information system and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures. |
Identified vulnerabilities are documented in order to improve response time for such resilience in the future |