What are examples of proactive cybersecurity?

Security Strategy & Roadmap Threat & Vulnerability Management

2.4k views2 Comments

Sort by:

VP of Information Security in Finance (non-banking)3 years ago

Although many professionals are pretty much focused on technical controls.
Logical controls are essential for transformational initiatives. Implementing security and privacy by design principles, by working on project, products and services team from the earliest stages possible and continuing to work with them across the lifecycle.
Designing services that can even gracefully fail and identifying how each product or service can be abused.

Director in Construction3 years ago

That is a huge question. Grab a cybersecurity framework like ISO and go through it. Lots of technical controls like password strength, MFA configuration hardening, patching. Don’t forget about other more non- technical controls like background checks, contract items and training.

Content you might like

CISA’s 37 cybersecurity performance goals are too basic.

Strongly agree8%

Agree61%

Neutral20%

Disagree9%

Strongly disagree

View Results

Ransomware negotiator Retainer? Do you currently hold a retainer with a ransomware negotiator consulting firm? If so any recommendations?

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?

How are you addressing technical debt risk resulting from AI coding tools? Have you established specific processes to manage vulnerabilities in AI-generated code, and are you collaborating with software engineering or other teams using these tools?

Have you patched CVE-2022-3786 or CVE-2022-3602, both of which have an 8.8 rating?

Yes, both30%

Yes, but only 378650%

Yes, but only 36028%

Patching is in progress for one or both6%

No4%