Home

Securable

Securable is an adjective used in information security and risk management to describe an asset, system, or process that can be protected by security controls to reduce risk to an acceptable level. An asset is securable when its security properties—confidentiality, integrity, availability, and accountability—can be addressed through concrete controls such as authentication, authorization, encryption, auditing, patch management, and physical safeguards.

Assessing securability involves evaluating the asset’s threat surface, control coverage, resilience, and measurability. Key factors include

Examples of securable assets include cloud storage with strict access controls, encryption at rest and in transit,

Limitations exist: securability does not guarantee security, as threats evolve, configurations may be misapplied, and supply

clear
ownership,
well-defined
data
classifications,
enforceable
policies,
and
the
ability
to
monitor
and
respond
to
events.
A
securable
system
supports
defense
in
depth
and
scalable
controls,
and
its
cost
and
complexity
are
justified
by
the
level
of
risk
it
mitigates.
and
comprehensive
logging
and
monitoring;
or
의료
records
systems
with
role-based
access,
audit
trails,
and
data
integrity
checks.
By
contrast,
devices
with
default
credentials,
unpatched
software,
or
permissive
configurations
may
be
less
securable
due
to
higher
risk
and
weaker
control
coverage.
chain
risks
can
undermine
protections.
Securability
is
a
characteristic
assessed
during
risk
assessment
and
security
design,
informing
decisions
about
controls,
cost,
and
residual
risk
rather
than
a
static
property.
See
also
security
by
design,
least
privilege,
threat
modeling,
and
risk
assessment.