How to counteract vulnerabilities in an organization?
By Global Trust Association
16 August, 2019 | 01:08hrs
There are many ways to exploit an organization’s vulnerabilities. Nowadays, physical security of information is not enough on its own; logical security measures are also necessary, since an organization can be attacked remotely.
As recommended by the ISO 27032 Cybersecurity Guideline, an organization should identify its main vulnerabilities. A vulnerability is understood as a weakness of an asset or control that can be exploited by a threat, the latter being a potential cause of an unwanted incident that can damage a system, individual or organization.
Some of the vulnerabilities an organization must take into account are the following:
- Human vulnerabilities (negligence, training, etc.)
- Hardware vulnerabilities (bad design, manufacturing errors, others)
- Software vulnerabilities (errors in programming, design, control, implementation, access, among others)
- Storage media vulnerabilities
- Communication vulnerabilities (transmission of data)
- Physical vulnerabilities (access to facilities)
- Natural vulnerabilities (error in prevention)
Vulnerability assessment should be an ongoing task. Therefore, an organization needs to focus its efforts on searching for, finding and exploiting vulnerabilities to intercept, modify, and disrupt any threat affecting the organization.