In my previous post, I went through the need and benefits of deploying a security control baseline according to the framework researched. Two of the most important ideas extracted from the first post are: Implementing a security control baseline to address low to moderate threat sophistication is essential and economically beneficial, because it will target…
Category: cyber preparedness level
Threat oriented cyber strategy with Cyber Prep
Cyber Prep is a preparedness methodology that aligns with a Multi-tier approach to Risk Management as defined in NIST SP 800-39. Cyber Prep supports the first step of this multi-tier approach which is Risk Framing. Risk framing pertains to the organizational level and from there it cascades all down to Mission / Business and Systems…