Protecting The Company

Few notes I came up with when thinking what could a company do to protect itself from aggressive threats that are a byproduct of a geopolitical turmoil.
It’s hard to decide what could be done fast as it depends on the complexity of the infrastructure, human resources and how hard is to introduce new services to the infrastructure.

Most common attacks:

Fastest (partial) remediation:

Nontrivial long-term tasks:

Noteworthy sources

A good step that should be done in the long term cybersecurity program, is to check SOC2 or similar certifications, as those shows what protection mechanisms are required in multiple domains:
https://blog.rsisecurity.com/what-are-the-soc-2-compliance-requirements/
https://www.imperva.com/learn/data-security/soc-2-compliance/

Another source is the NIST cybersecurity framework
https://www.nist.gov/cyberframework

comments powered by Disqus