Building a Cyber Security Program Pt. 3

For this article I wanted to dive into some core areas to cover when it comes to "cyber defenses". Some of the core components to have or get in place are: Identity and Access Management (IAM), central logging and monitoring of technology assets/data, encryption in areas where applicable(at rest, in motion, in use), incident response and backup/recovery. Each of these areas are a ton to unpack and I will cover each in more detail with future articles so be sure to stay tuned! With these foundational components, tooling is a big part. Trying to "sell" cyber security "cost" to a business can be tough. Thinking of each area: IAM solution can be bought or built and depending on the size and scope of the user base may increase spend, logging and monitoring solutions (SIEMs, connectors, log/data feeds and storage), if encryption is in place - will decryption be needed for incident response teams? Then with incident response, will it be outsourced? Will coverage be 24/7? With backups and recovery - storage costs can add up here. So going through a list at high level it sounds like a huge bill to bring to a business. In my next article for Building a Cyber Security Program series, I will go over ways that have helped me build PARTNERSHIPS with business and technology leaders to INVEST in cyber security rather than try to "sell" cyber security. Have a great day and please share this if it brought you value in some way, shape or form! Thank you for reading!