In my previous post, I went through the need and benefits of deploying a security control baseline according to the framework researched. Two of the most important ideas extracted from the first post are: Implementing a security control baseline to address low to moderate threat sophistication is essential and economically beneficial, because it will target…
Category: Cyber Preparedness
Threat oriented cyber strategy with Cyber Prep
Cyber Prep is a preparedness methodology that aligns with a Multi-tier approach to Risk Management as defined in NIST SP 800-39. Cyber Prep supports the first step of this multi-tier approach which is Risk Framing. Risk framing pertains to the organizational level and from there it cascades all down to Mission / Business and Systems…
Understanding the threat for Organizational Cyber Preparedness
I have spent some time working in the threat industry and through my own experience, I started getting interested in looking at things from a different perspective. There are great professionals and researchers in this area of cyber security however, it lacks cohesion. A higher degree of cohesion within as well as in other areas,…