With another year of too many high profile, and quite frankly avoidable, data breaches under our belts, it’s time to take a look forward and identify areas where you may be able to improve your security program and hopefully become more efficient and reduce risk more effectively.
The list below is based on my late year 2017 conversations with numerous CISOs and where they see making the biggest investments and effort in the year ahead will help them improve the most. Perhaps you’ll find the most recurring themes from these conversations useful, too.
Getting betting at the basics. There’s a reason why athletes, or those proficient in anything, make certain to keep themselves sharp with the basics. It’s because the basics, while the essentials, aren’t always necessarily easy to do at high performance day after day. The same is true for security organizations. Getting identity management, vulnerability management, good software development hygiene in place in continuous development pipelines, configuration management, and cloud security, and more. Now is a good time, to take a had look at how well your organization focuses on the basics, and improve were improvement can be made.