New York Cyber Conference Panelists Stress Importance of Unified Cybersecurity Plan

By | September 27, 2016

  • September 27, 2016 at 7:24 pm
    Andrew Bycroft says:
    Like or Dislike:
    Thumb up 0
    Thumb down 0

    It’s all good and well to talk about the need for a unified cybersecurity plan, but talking about problems without providing solutions is counterproductive. Considering the article did not offer a solution, here is a six step plan I prepared earlier (and I tested it too on a number of companies listed on the Australian Stock Exchange; yes it really works):

    1. asset management – discover and classify the most critical assets to the business

    2. vulnerability management – discover and remediate the most critical vulnerabilities within the most critical assets

    3. threat management – predict and prevent the most critical threats that could exploit the most critical vulnerabilities

    4. incident management – detect and respond to the most critical attacks that have eventuated from the most critical threats

    5. continuity management – confirm and recover from the most critical breaches that have resulted from the most critical attacks

    6. crisis management – avoid accept, transfer, or reduce the impact that has manifested from the most critical breaches.

Add a Comment

Your email address will not be published. Required fields are marked *