Interdependencies between essential and important entities
ENISA Interdependencies Indicators Tool
NIST Cybersecurity Framework Description | EXAMPLE OF IMPLEMENTATION |
---|---|
Notifications from detection systems are investigated
Analysis is conducted to ensure effective response and support recovery activities. |
Investigation and forensics may be linked with the mean downtime as an indicator |
The impact of the incident is understood
Analysis is conducted to ensure effective response and support recovery activities. |
Understanding the impact of an incident in an holistic view will result in applying the right controls in order to reduce the loss of service capabilities |
Forensics are performed
Analysis is conducted to ensure effective response and support recovery activities. |
Investigation and forensics may be linked with the mean downtime as an indicator |
Resources (e.g., hardware, devices, data, and software) are prioritized based on their classification, criticality, and business value
The data, personnel, devices, systems, and facilities that enable the organisation to achieve business purposes are identified and managed consistent with their relative importance to organisational objectives and the organisation’s risk strategy. |
Classify resources according to their criticality and value will enable to localise loss of service capabilities |
Incidents are categorized consistent with response plans
Analysis is conducted to ensure effective response and support recovery activities. |
Identified vulnerabilities are documented in order to improve response time for such resilience in the future |