Acme Enterprise is a private company that is gearing up for an initial public offering (IPO). Prior to going public Acme must be in compliance with: GDPR, PCI DSS, and SOX. Acme is in the water purification business with new technologies that purify water in any form whether it is sewage, ocean, lake etc.
Part of its IPO process is to show due diligence and due care. Acme has identified your team to conduct a risk assessment and analysis of its information technology infrastructure to uncover any threats and exposures and provide mitigations and controls to reduce those uncovered threat/exposures, so it can have a successful IPO.
Using the Network Infrastructure design of the Acme Enterprise you are to assess risk of Acme’s:
1. Perimeter Security
2. Network Security
3. Endpoint Security
4. Application Security
5. Data Security
6. Operations
7. Policy Management