Stop theorizing about security configuration.
Stop theorizing about security configurations and start assessing your actual security posture. Implement security controls from each of the pillars, as they collectively support the organization’s cybersecurity mission.
Identify
- Audits
- Reviews
- Forums
- Change Management
- Intelligence Management
- Vulnerability Management
- Assurance
- Security Testing
- Risk Management
- Portfolio Management
- Service Security Design
- Service Security Reviews
- Ticket/Event Management
- Research
Protect
- Device Management
- Antivirus
- Endpoint Detection and Response
- Disk Encryption
- Secure Configuration Management
- Backup & Archive
- Network Security Management (e.g. Firewalls and IPS/IDS)
- Proactive Security Monitoring
- Including Threat Hunting
- Security Patch Management
- Data Protection
- Records Management
- Email Security
- Web Application Security
Detect
- Alerts
- Honeypots
- Canaries
- Deceptions
- Attack Surface Monitoring
Respond
- Incident Management
- Incident Response
- Digital Forensics
- Public Relation and Communications
- Regulatory & Contractual Reporting
Recover
- Backup and Recovery Management
- Disaster Recovery
- Business Continuity Management
Learn
- Lessons Learnt
- Staff Training
- Specialist Training