Welcome to Scribd!

Top 10 Riskiest Assets - Draft

Uploaded by

0% found this document useful (0 votes)

9 views10 pages

The document discusses a new prioritization for identifying the 10 riskiest assets across various segments based on vulnerabilities rather than just malware. It outlines an action plan where cybersecurity will send each segment director a monthly report on their segment's 10 riskiest assets based on vulnerabilities. The segments are then responsible for investigating and remediating the vulnerabilities of those top 10 assets within 30 days, after which cybersecurity will follow up on remediation progress.

Original Description:

Original Title

Top 10 Riskiest Assets.draft

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

9 views10 pages

Top 10 Riskiest Assets - Draft

Uploaded by

Sonic Affair

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 10

Search inside document

Top 10 Riskiest Assets

OCTOBER 2022
CYBERSECURITY
Rapid 7 Vulnerability Report
The Vulnerability Report runs a weekly scan of all ITW assets

Assets are defined physical devices used for business activities;

Computers, Servers, Routers, Firewalls, Switches, etc

Vulnerabilities are weaknesses that leave our assets open to cyber attacks

Each segment has its own vulnerabilities based on its Assets

Why Is this Report Important?
Not addressing these vulnerabilities can leave our Systems/Assets
open for attack

Similar to leaving the front door open

Previous Prioritization of Riskiest Assets
Prioritized the 10 Riskiest Assets based on number of malware kits found in each segment
Issues with Previous Prioritization
◦ Only vulnerabilities with high numbers of malware kits were
thought of as critical and investigated

◦ Leaving other more critical vulnerabilities unaddressed and not

resolved
New Prioritization of Vulnerabilities
Two kinds of Assets
1. External- Less Control and more Vulnerable- expand more
2. Internal- More Control and less Vulnerable- expand more

Vulnerability Priority
What We Need From Each Segment?
Help Remediating 10 Riskiest Assets

Cyber security will send a monthly report to each segment called the “10
Riskiest Assets”

Each segment must review the report and begin investigating and remediation
of 10 Riskiest Assets
Action Plan/Process
1. Pull Report Monthly (Jacob)
2. Identify 10 Riskiest Assets based on new Vulnerability prioritization (Jacon)
3. Submit 10 Riskiest Asset to each Segment director (Naz & Donna)
4. Ask each segment to investigate/remediate vulnerabilities (Segment IT Director)
5. After 30 days, Run Report to see if vulnerabilities have been remediated, additional follow-up
if needed (Jacob/Naz &Donna)

Need swim lanes, cybersec, segment it direct, mark team

Remediation Of 10 Riskiest Assets
Generates
Security 10 Riskiest
Operations Assets
Report

Reviews 10 Sends 10
Cyber
Riskiest Riskiest
Security
Assets Assets
Team
Report Report

Identifies Reports
Remediates
Segment IT solutions to Remediation of
10 Riskiest
Directors remediate 10 10 Riskiest
Assets
Riskiest Assets Assets

Oracle Mantas
Document31 pages
Oracle Mantas
crejoc
100% (1)
LTE Call Processing and Handover - Eng
Document73 pages
LTE Call Processing and Handover - Eng
Kmohamed84
100% (1)
Answer: A Table of 10 Major ERP Systems Used Around The World Is Prepared Showing The Following Factors in It
Document6 pages
Answer: A Table of 10 Major ERP Systems Used Around The World Is Prepared Showing The Following Factors in It
Anika hossain
No ratings yet
OWASP Vulnerability Management Guide (OVMG)
Document20 pages
OWASP Vulnerability Management Guide (OVMG)
rajular
No ratings yet
CEH v12 Lesson 10 - Denial of Services Techniq
Document56 pages
CEH v12 Lesson 10 - Denial of Services Techniq
Abhay Jain
100% (1)
NetOps 2.0 Transformation: The DIRE Methodology
From Everand
NetOps 2.0 Transformation: The DIRE Methodology
Ray Belleville
Rating: 5 out of 5 stars
5/5 (1)
EDR (Endpoint Detection and Response) Report From PeerSpot 2023-06-03 18qy
Document41 pages
EDR (Endpoint Detection and Response) Report From PeerSpot 2023-06-03 18qy
Josue Hernandez
No ratings yet
Tenable Slides For Presentation
Document23 pages
Tenable Slides For Presentation
Tofan Dwi Arta
No ratings yet
PXC Modular Technical Reference
Document54 pages
PXC Modular Technical Reference
automation_chandra
No ratings yet
SCADA Security Overview
Document16 pages
SCADA Security Overview
tevexin998
100% (1)
OWASP Vulnerability Management Guide
Document20 pages
OWASP Vulnerability Management Guide
tarzi01
No ratings yet
Clustered ONTAP Admin 8.2 - Student Guide (STRSW-ILT-D8CADM-REV03-SG) PDF
Document460 pages
Clustered ONTAP Admin 8.2 - Student Guide (STRSW-ILT-D8CADM-REV03-SG) PDF
Jayakanth
No ratings yet
Security Questions Interview Questions
Document11 pages
Security Questions Interview Questions
Saurabh Vashist
No ratings yet
BSides SATX2021
Document18 pages
BSides SATX2021
wdcoii
No ratings yet
VAPT Proposal
Document10 pages
VAPT Proposal
Gaurav saboo
100% (2)
08 LTE Features and Parameters-73P
Document73 pages
08 LTE Features and Parameters-73P
Boualem Amine
No ratings yet
Iaa202 Lab2 Se140442
Document6 pages
Iaa202 Lab2 Se140442
Đinh Khánh Linh
No ratings yet
Roles - CERT in
Document1 page
Roles - CERT in
api-27477209
No ratings yet
The Top 10 Reports For Managing Vulnerabilities: Guide
Document17 pages
The Top 10 Reports For Managing Vulnerabilities: Guide
Juan Jaramillo
No ratings yet
Auditing IS/IT Risk Management, Part 1: The Practice
Document3 pages
Auditing IS/IT Risk Management, Part 1: The Practice
Faeza Azwin
No ratings yet
VM Slides
Document120 pages
VM Slides
Manoj
No ratings yet
Introduction To Risk Based Auditing
Document15 pages
Introduction To Risk Based Auditing
Eko Priadi
No ratings yet
NALCOInida Website Audit
Document5 pages
NALCOInida Website Audit
Siraj Ahmad
No ratings yet
FALLSEM2022-23 CSE3501 ETH VL2022230103462 CAT-2 QP KEY F1 Slot - QP - Answer Key
Document2 pages
FALLSEM2022-23 CSE3501 ETH VL2022230103462 CAT-2 QP KEY F1 Slot - QP - Answer Key
Mohammed Muazz Zuberi
No ratings yet
Nintendo Server Bug Bounty Program - Bug Bounty Program - HackerOne
Document9 pages
Nintendo Server Bug Bounty Program - Bug Bounty Program - HackerOne
Mariuxi Romero
No ratings yet
CIS RAM v2.1 For IG1 Workbook.22.05
Document174 pages
CIS RAM v2.1 For IG1 Workbook.22.05
Romeo Andreica
No ratings yet
Information Security Management
Document7 pages
Information Security Management
Vineet Kakkar
No ratings yet
Cyber Risk Assessment Report 4-15-2024
Document11 pages
Cyber Risk Assessment Report 4-15-2024
manohar
No ratings yet
Cyber Resilience Assessment Framework
Document21 pages
Cyber Resilience Assessment Framework
lava.sky10
No ratings yet
OWASP Vuln MGM Guide Jul23 2020
Document20 pages
OWASP Vuln MGM Guide Jul23 2020
Hank Moody
No ratings yet
Balbix Recurring CISO Board Deck
Document38 pages
Balbix Recurring CISO Board Deck
Satish Reddy
No ratings yet
Fs Fortiguard Managed Detection and Response Service
Document2 pages
Fs Fortiguard Managed Detection and Response Service
Rafael Steven Soto del Campo
No ratings yet
Sentinel One Vigilan
Document2 pages
Sentinel One Vigilan
ouellet.hugo
No ratings yet
Securonix Value of ATS PT 013123
Document1 page
Securonix Value of ATS PT 013123
maykolc
No ratings yet
2019-06-26 Item 3 - Operational Resilience
Document23 pages
2019-06-26 Item 3 - Operational Resilience
Sumaiya
No ratings yet
Maintenance Guide V100R005C00 01 PDF
Document542 pages
Maintenance Guide V100R005C00 01 PDF
Brwa Luqman
No ratings yet
04 Jan 2019 East Coast Data Center Justine J
Document7 pages
04 Jan 2019 East Coast Data Center Justine J
Patrick Cloarec
No ratings yet
HivePro Uni5 Brochure
Document2 pages
HivePro Uni5 Brochure
Famnazfami
No ratings yet
Av Usm
Document4 pages
Av Usm
net flix
No ratings yet
Disaster Recovery Plan: Olicies Rocedures
Document15 pages
Disaster Recovery Plan: Olicies Rocedures
thanhtung196
No ratings yet
Cyber 0security of A Ship
Document2 pages
Cyber 0security of A Ship
jacklee
No ratings yet
Og Fortirecon
Document3 pages
Og Fortirecon
makotico
No ratings yet
Cyber Risk Assessment Report 4-18-2024
Document11 pages
Cyber Risk Assessment Report 4-18-2024
manohar
No ratings yet
Module 2 Assignment 2 Network Vulnerability B
Document9 pages
Module 2 Assignment 2 Network Vulnerability B
api-360051483
No ratings yet
Catalogo de Amenazas PDF
Document2 pages
Catalogo de Amenazas PDF
pikamau
No ratings yet
SEN0202 DataSheet EPP WEB
Document5 pages
SEN0202 DataSheet EPP WEB
gobf
No ratings yet
HPML IT Risk Assessment Report 2022 R3
Document61 pages
HPML IT Risk Assessment Report 2022 R3
sikanhino9090
No ratings yet
Aspect DisasterRecovery InsightOn
Document3 pages
Aspect DisasterRecovery InsightOn
Anh Trang Doremon
No ratings yet
Registry Entries For Services.
Document2 pages
Registry Entries For Services.
sig10
No ratings yet
Erik Decker - Leverage and Demonstrate Value With Your Cyber Insurance Renewal
Document8 pages
Erik Decker - Leverage and Demonstrate Value With Your Cyber Insurance Renewal
boris.hajduk
No ratings yet
Analyzing Risk: Analyze Organizational Risk Analyze The Business Impact of Risk
Document28 pages
Analyzing Risk: Analyze Organizational Risk Analyze The Business Impact of Risk
Hector Vasquez
No ratings yet
Cluster ICT - 2017-Print
Document6 pages
Cluster ICT - 2017-Print
Hery Kurniawan
No ratings yet
Sec Testing Kane
Document100 pages
Sec Testing Kane
Fran jimenez
No ratings yet
Emerging Threats: BRKSEC-2001
Document49 pages
Emerging Threats: BRKSEC-2001
jeffgrantinct
No ratings yet
IIAC - Risk Based Internal Audit
Document23 pages
IIAC - Risk Based Internal Audit
NovandiKurniajaya
No ratings yet
GravityZone OnPremise-1
Document162 pages
GravityZone OnPremise-1
Irina Nastasescu
No ratings yet
Redefining The Cyber Resiliency With IBM Storage and Power 10
Document21 pages
Redefining The Cyber Resiliency With IBM Storage and Power 10
Dwa WA
No ratings yet
Overcoming The Failures of Prevention: Allan Carey Director, Rsa Netwitness Cyber Security Summit July 25, 2011
Document24 pages
Overcoming The Failures of Prevention: Allan Carey Director, Rsa Netwitness Cyber Security Summit July 25, 2011
Thu Lang Hoang
No ratings yet
IT Operations Analytics 021115
Document49 pages
IT Operations Analytics 021115
yonibs
No ratings yet
Microsoft Defender For Business Attack Disruption Data Sheet
Document2 pages
Microsoft Defender For Business Attack Disruption Data Sheet
jaisingla
No ratings yet
Final Project in Infasec
Document33 pages
Final Project in Infasec
Meloi Magpantay
No ratings yet
Dasar-Dasar Pemrograman Client Side Bagian 3 (React Native)
Document13 pages
Dasar-Dasar Pemrograman Client Side Bagian 3 (React Native)
Hemat Si Mamora
No ratings yet
Cross Domain Solutions - 202010
Document29 pages
Cross Domain Solutions - 202010
Bun Constable
No ratings yet
Patch Management Solutions
Document25 pages
Patch Management Solutions
sentoubudo1647
No ratings yet
CIS RAM For IG1 Workbook v21.10.25
Document144 pages
CIS RAM For IG1 Workbook v21.10.25
pikante
No ratings yet
The Ultimate Financial Security Survey
From Everand
The Ultimate Financial Security Survey
James L Schaub
Rating: 5 out of 5 stars
5/5 (1)
Sliding Window Protocols
Document9 pages
Sliding Window Protocols
dj_faaz
No ratings yet
NEC SV9100 Data Sheet
Document2 pages
NEC SV9100 Data Sheet
Mavs Reginaldo
No ratings yet
Ms Windows Nano Server Ga
Document90 pages
Ms Windows Nano Server Ga
Jacques Giard
No ratings yet
Seminar On A P2P File Distribution System
Document22 pages
Seminar On A P2P File Distribution System
Sudipta Paul
No ratings yet
Sony VGN-FZ Series Mbx-165 Foxconn Ms90 Rev 1.0 SCH
Document72 pages
Sony VGN-FZ Series Mbx-165 Foxconn Ms90 Rev 1.0 SCH
Vinicius Souza
No ratings yet
15 0 AAA Reference PDF
Document981 pages
15 0 AAA Reference PDF
allen
No ratings yet
Chapter 4 v8.0
Document102 pages
Chapter 4 v8.0
KHOA CAO TRẦN ANH
No ratings yet
Ccna 3 VLSM Worksheet
Document3 pages
Ccna 3 VLSM Worksheet
shagydoo89
No ratings yet
Tutorial 7 Sol
Document3 pages
Tutorial 7 Sol
gudyanga
No ratings yet
Seminar Report
Document28 pages
Seminar Report
Kãrãñ K Dâhiwãlê
100% (1)
Step by Step Encrypting User Data With EFS in Windows Server 2012 R2
Document21 pages
Step by Step Encrypting User Data With EFS in Windows Server 2012 R2
Makalamangi Brown
No ratings yet
Module 1
Document46 pages
Module 1
Ananya Gowda
No ratings yet
B310s-22TCPU-V200R001B321D03SP00C00 Firmware - Release - Notes
Document14 pages
B310s-22TCPU-V200R001B321D03SP00C00 Firmware - Release - Notes
Julio Luis Calderon
No ratings yet
Acer 3050-5050 (Quanta ZR3)
Document31 pages
Acer 3050-5050 (Quanta ZR3)
ewertonluiz
No ratings yet
Cyber Security Reference Guide
Document14 pages
Cyber Security Reference Guide
Trilok Chandu
No ratings yet
Digital Unit Description
Document12 pages
Digital Unit Description
Amit Singh
No ratings yet
A Siwes Report
Document34 pages
A Siwes Report
OluwaTomi Fhikunmi
No ratings yet
AWS CP 2022 Day1
Document98 pages
AWS CP 2022 Day1
Piyush pal
No ratings yet
Cisco Software Manager Server 4.0 OVA Installation Guide
Document5 pages
Cisco Software Manager Server 4.0 OVA Installation Guide
Adrian Turcu
No ratings yet
Optif For Fox515 - May 2015
Document4 pages
Optif For Fox515 - May 2015
Hiltanto Vixioners Interista
No ratings yet
Cuba Best Prepaid SIM Card Buying Guide (2023) - Phone Travel Wiz
Document1 page
Cuba Best Prepaid SIM Card Buying Guide (2023) - Phone Travel Wiz
Prearit Jeitly
No ratings yet
350 501 Demo
Document9 pages
350 501 Demo
redesip24 24
No ratings yet
Installation Guide: RADWIN 5000
Document75 pages
Installation Guide: RADWIN 5000
Didier Sepulveda
No ratings yet
Day 1 Live Training
Document122 pages
Day 1 Live Training
Adam
No ratings yet