Monday, September 16, 2019

A Cyber Security Perspective


Often the detail is important in cyber security. Key details are everywhere. 




Details keep cyber security teams running in every direction. 


But, sometimes the broader picture is important too, a level of abstraction away from the details. 



The perspective, what the team is trying to do. 


But, what the team is trying to do shouldn’t be a list of their tools.


It’s the outcome of all of the tools, and team members, and improvements, and measures. 


All rolled up into a security program.       
                                    

Common sense says that you aren’t going to base your security program on fixing vulnerabilities, or Kali linux, or having a red team, or patching, or backups. 


But common sense isn’t a fundamental part of every security program. 


A security program needs to be defined by things that executives understand. 


A good start for discussion….


We are at a certain point today with some things that we do well and others that we don’t.

This is where we plan to be at some defined point in the future.

Next quarter.

Next year.

Next major audit.

These are the resources that are missing to get there. And why we are asking for those. 


And, then, you’ll have a shot at getting the resources that you need to do great things. 


Follow me on Twitter for discussion and the latest blog updates: @Opinionatedsec1. Or, start your own discussion using #crazygoodcyberteams on twitter or Linkedin and I'll read it.


SEE ALSO


Cyber Security Has Its Own Shadow Problem 

The Eyes And Hands That Scale A Cyber Program 

Some Potential Indicators of an Immature Cyber Security Program  

Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)