Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.RA-01.1: Threats and vulnerabilities shall be identified in all relevant assets, including software, network and system architectures, and facilities that house critical computing assets. |
|
ID.RA-01.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p63 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p45 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_BASIC_E_p20 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to help organisations mitigate cybersecurity risks by identifying threats and vulnera- bilities in their critical assets. This includes software, networks, systems, and physical locations that support essential computing operations. To support this objective, organisations should: - Understand Key Concepts - A vulnerability is a weakness in hardware, software, or procedures that could be exploited. - A threat is an event or actor that may try to exploit a vulnerability. - A risk is the possible impact if a threat successfully exploits a vulnerability. - Identify Relevant Assets All critical systems, applications, networks, and facilities should be listed and documented. - Respond to Vulnerabilities - Organisations should act on vulnerabilities that are reported by trusted sources (e.g., vendors, service providers, government advisories). - Atthebasiclevel,activescanningisnotrequired,butknownvulnerabilitiesshouldbeaddressedpromptly. - Be Aware of Threats - Organisations should stay informed about common threats relevant to their sector (e.g., phishing, ransom- ware, supply chain risks). - Threat awareness can come from government advisories, industry news, or sector-specific guidance. - Maintain a Simple Risk Register A basic list of known threats and vulnerabilities should be kept, to support decision-making and planning. - Review Periodically This list should be reviewed when new systems are added or when there are major changes in the threat landscape. |
|
A general note, for any purpose. |
The goal of this control is to help organisations mitigate cybersecurity risks by identifying threats and vulnera- bilities in their critical assets. This includes software, networks, systems, and physical locations that support essential computing operations. To support this objective, organisations should: - Understand Key Concepts - A vulnerability is a weakness in hardware, software, or procedures that could be exploited. - A threat is an event or actor that may try to exploit a vulnerability. - A risk is the possible impact if a threat successfully exploits a vulnerability. - Identify Relevant Assets All critical systems, applications, networks, and facilities should be listed and documented. - Respond to Vulnerabilities - Organisations should act on vulnerabilities that are reported by trusted sources (e.g., vendors, service providers, government advisories). - Atthebasiclevel,activescanningisnotrequired,butknownvulnerabilitiesshouldbeaddressedpromptly. - Be Aware of Threats - Organisations should stay informed about common threats relevant to their sector (e.g., phishing, ransom- ware, supply chain risks). - Threat awareness can come from government advisories, industry news, or sector-specific guidance. - Maintain a Simple Risk Register A basic list of known threats and vulnerabilities should be kept, to support decision-making and planning. - Review Periodically This list should be reviewed when new systems are added or when there are major changes in the threat landscape. |
|
A general note, for any purpose. |
The goal of this control is to help organisations mitigate cybersecurity risks by identifying threats and vulnera- bilities in their critical assets. This includes software, networks, systems, and physical locations that support essential computing operations. To support this objective, organisations should: • Understand Key Concepts o A vulnerability is a weakness in hardware, software, or procedures that could be exploited. o A threat is an event or actor that may try to exploit a vulnerability. o A risk is the possible impact if a threat successfully exploits a vulnerability. • Identify Relevant Assets All critical systems, applications, networks, and facilities should be listed and documented. • Respond to Vulnerabilities o Organisations should act on vulnerabilities that are reported by trusted sources (e.g., vendors, service providers, government advisories). o Atthebasiclevel,activescanningisnotrequired,butknownvulnerabilitiesshouldbeaddressedpromptly. • Be Aware of Threats o Organisations should stay informed about common threats relevant to their sector (e.g., phishing, ransom- ware, supply chain risks). o Threat awareness can come from government advisories, industry news, or sector-specific guidance. • Maintain a Simple Risk Register A basic list of known threats and vulnerabilities should be kept, to support decision-making and planning. • Review Periodically This list should be reviewed when new systems are added or when there are major changes in the threat landscape. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to help organisations mitigate cybersecurity risks by identifying threats and vulnera- bilities in their critical assets. This includes software, networks, systems, and physical locations that support essential computing operations. To support this objective, organisations should:</p><ul><li>Understand Key Concepts<ul><li>A vulnerability is a weakness in hardware, software, or procedures that could be exploited.</li><li>A threat is an event or actor that may try to exploit a vulnerability.</li><li>A risk is the possible impact if a threat successfully exploits a vulnerability.</li></ul></li><li>Identify Relevant Assets All critical systems, applications, networks, and facilities should be listed and documented.</li><li>Respond to Vulnerabilities<ul><li>Organisations should act on vulnerabilities that are reported by trusted sources (e.g., vendors, service providers, government advisories).</li><li>Atthebasiclevel,activescanningisnotrequired,butknownvulnerabilitiesshouldbeaddressedpromptly.</li></ul></li><li>Be Aware of Threats<ul><li>Organisations should stay informed about common threats relevant to their sector (e.g., phishing, ransom- ware, supply chain risks).</li><li>Threat awareness can come from government advisories, industry news, or sector-specific guidance.</li></ul></li><li>Maintain a Simple Risk Register A basic list of known threats and vulnerabilities should be kept, to support decision-making and planning.</li><li>Review Periodically This list should be reviewed when new systems are added or when there are major changes in the threat landscape.</li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.RA-01.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Threat and vulnerability identification |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Threats and vulnerabilities shall be identified in all relevant assets, including software, network and system architectures, and facilities that house critical computing assets. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
21 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 23 of 23
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1