Control 20: Security Skills Assessment and Training to Fill Gaps

Is your team well trained, or does it lack the fundamental, and often the advanced, skills needed to perform its job? Are there team members who are the only ones who know certain functions? What happens when they are not available, for good reasons or bad ones? Several avenues for acquiring training are available. Many large […]

Control 19: Data Recovery Capability

Develop a written plan that identifies all business owners and the processes they need to restore normal operations. Interview the business owners to better understand the dependencies required for their normal activities. Conduct annual tabletop exercises with each business process owner. Use mock scenarios that consider the loss of availability of people, facilities and technology. […]

Control 18: Incident Response Capability

Enlist all employees to report suspicious activities to the Incident Response Team (IRT). Create a dedicated phone number and email address they can use to report issues to your team. Provide security awareness training that enables all employees to contact the help desk about suspicious issues. Conduct monthly IRT team member training that covers the steps in the […]

Control 17: Penetration Tests and Red Team Exercises

Penetration testing is often confused with vulnerability assessment, as mentioned in Control 10. Penetration testing differs in that it involves attempted exploitation. Just as in Control 10, penetration testing should occur in each network zone to ensure adequate coverage. Track all open issues and document each one through confirmed remediation. Determine […]

Control 16: Secure Network Engineering

Secure networks do not appear by accident. They start with thoughtful planning and sound engineering principles. Seek out flaws in the current network design as an attacker would, and correct all of the faults found in that design. By being intentional and meticulous, a true design can emerge and, more importantly, it will persist. A […]

Control 15: Data Loss Prevention

Data Loss Prevention (DLP) is a new trend in Information Security, but it really should not be. DLP may have been a missed opportunity when Network Intrusion Detection Systems (NIDS) were first introduced. Has data exfiltration suddenly become important? How was this missed as a priority for so long? Define what […]