I need this assignment written originally as if I were the CIO/CISO, not copied and pasted.
You are the CIO/CISO of St. Elgius. The organization has no strategy around vulnerability management or patch management. There are both externally and internally facing vulnerabilities present. Additionally, endpoint vulnerability is very bad as there is no patching remediation program in place. Server vulnerabilities are better as the hospital uses some servers that are cloud hosted in AWS which are patched automatically.
1. How would you implement a vulnerability management program? What tooling would you choose? Would your approach change for external vs. internal vulnerabilities?
2. How would you put a corresponding patch management program in place to mitigate identified vulnerabilities?
3. For both #1 and #2, discuss how your approach would change for servers vs. endpoints given the facts above.
Note: As per our company guidelines, we are supposed to answer only one question. Kindly repost other questions as separate questions.
As a CIO of St. Elgius: vulnerability management is a method that may be used by companies to monitor, minimise, and remove vulnerabilities in existing systems/servers. It entails detecting and categorising vulnerabilities so that suitable safeguards or remediations may be implemented.