‘Defense in Layers’ — The Exercise
Part 2 of the series ‘Defense In Layers’. Link to ‘Defense In Layers’ The Framework. Please support me by following me on Medium.
Tap, Tap, Tap. ”Excuse me. Your perceived security posture is not what you think it is….” WHAT? How DARE you. We spend at least 10% of our IT budget on security. We must be protected…..Right!….Right?”
There are two ways we typically respond….
Option 1, ’Buy more tools.’
Option 2, ’Be curious and continuously evaluate your cybersecurity posture.’
Buying more tools to pump executives with swag and meaningless statistics doesn’t solve root problems. If you are like me, you’ll get curious. What are we missing? Is it really tools? Where are the security holes in our cybersecurity posture?
This statement, “Your perceived security posture is not what you think it is,” got me thinking. How can I use what I know to improve my enterprises’ cybersecurity posture today? Can I leverage what I know now to perform a self-assessment without making a substantial corporate initiative?
