Fundamentals
The fundamentals are practices that eliminate wide areas of risk.
However, many risks are exceptional and require practices that are unique to a situation.
Invest most of our resources on fundamental objectives. Spending some resource on exceptional risks is fine too, but those risks need to be special to compete with the fundamentals.
The following objectives are fundamental. Each one is safe to prioritize early in a security team.
- ✅ Centralize and improve logging.
- ✅ Improve employee responsiveness in reporting incidents.
- ✅ Reduce the risks associated with vendors
- ✅ Reduce the risk of insider abuse.
- ✅ Reduce the risk of an endpoint compromise.
- ✅ Improve responsiveness to incidents.
- ✅ Reduce the risk of remote IaaS API compromise.
- ✅ Reduce the risks of a cloud SaaS account compromise.
- ✅ Lay groundwork for secure development practices.
- ✅ Lay groundwork for future detection efforts.
- ✅ Lay groundwork for future risk management efforts.
- ✅ Lay groundwork for finding and fixing.