Cybersecurity Automation: Ask This;
Gerardus Blokdyk
34K+ | Bestselling Author | Innovator | Speaker | Mentor | Founder and CEO at The Art of Service | Bestselling Author - With 900+ Academic Citations my work is in the top 1% of most cited work worldwide
TLDR: Ask This;
1. Do you have devices that provide support for automated security status monitoring tools, specifically for monitoring system events related to cybersecurity (for example, syslog)?
2. Does the vendor have an industry recognized security track record or are they not cybersecurity experts and relatively new to the security scene?
3. When using external vendors for process outsourcing or automation technology, have they been assessed for vendor risk to ensure robust governance and cybersecurity protocols are in place?
4. Does your cybersecurity plan include recognition of critical facilities and/or cyber assets that are dependent upon IT or automated processing?
5. What are your organization's policies and procedures governing risk generally and cybersecurity risk specifically? How does senior management communicate and oversee policies and procedures?
6. What does it take for automated logical reasoning behind governance and adjudication decisions necessary for cybersecurity management?
7. Do you have a process to ensure cybersecurity for your entire fleet of automation assets?
8. Are you sharing cybersecurity information using automated exchange standards with other organizations?
9. Do you have a working process for the vetting and implementation of new technologies, including behavioral analytics, automation and cognitive, for inclusion in your cybersecurity architecture?
10. How do you account for the role and benefit that At-Will inspections provide in ensuring that Departmental contractors have adopted adequate cybersecurity measures?
11. Which areas of the cybersecurity process is your organization using automation in?
12. Does your organization have a formal escalation process to address cybersecurity risks that suddenly increase in severity?
13. Do you have a cybersecurity concept tailored to your automation environment?
14. What are the principal technical and operational options for enabling automated enforcement, at both the network and device levels, and how do you address cybersecurity and privacy requirements?
15. How does your organization build a cybersecurity program for securing cryptoassets?
16. Do you see cybersecurity as a risk to automated vehicles?
17. Do entities have a fit for purpose Cybersecurity risk management framework?
18. What cybersecurity risks will you have from greater connectivity of operational technology?
19. What is the regulator's role regarding cybersecurity and cyber resilience?
20. How often does your organization carry out a cybersecurity scan (security assessment) in the OT network?
21. Does your organization have a defined cybersecurity strategy currently in place?
22. Does your business have a suitable IT infrastructure which could prevent cybersecurity breaches?
23. Who could argue, since nearly every known cybersecurity solution has failed to prevent data breaches?
24. What does your industrial cybersecurity team need to know?
25. What does your industrial cybersecurity team need to do?
26. Do your partners have the same risk appetite and cybersecurity measures as you do?
27. How have the threats to cybersecurity changed over time in Industrial Control Systems?
28. What systems does your cybersecurity strategy include?
29. Are you using the data and other outputs from your cybersecurity strategy to improve your program over time?
30. What needs to change in cybersecurity automation to further enhance risk based decisions?
31. What is the relationship between cybersecurity analytics and incident response automation and orchestration?
32. How does cybersecurity impact infrastructure decisions and implementation?
33. How does being a professional create special ethical obligations for the cybersecurity practitioner?
34. Do you know the current cybersecurity risk level and potential business impact?
35. Does the slow adoption of automation in cybersecurity leave organizations at an increased risk?
36. Where is building automation system cybersecurity a concern?
37. Do you normally consider cybersecurity in your automation systems procurement process?
38. What are the cybersecurity and Data Privacy issues with digital automation?
39. What does good cybersecurity look like?
40. How do you react to the new information, the new threat information, the type of cybersecurity automation tools?
41. Is cybersecurity part of your business risk management process?
42. How do you manage the security of your automated processes and prevent cyber attacks, intrusions or hacks?
43. How do you realize the benefits of Big Data while also addressing cybersecurity and privacy issues?
44. Are cybersecurity events automatically contained from spreading to and harming other assets with which data is exchanged?
45. Do you have a robust cybersecurity program in place?
46. How expensive are cybersecurity attacks, data breaches?
47. What about cybersecurity and data privacy?
48. Do you remember when automation and cybersecurity were separate conversations?
Organized by Key Themes: SECURITY, RISK, MANAGEMENT, DATA, TECHNOLOGY, COMPLIANCE, CLOUD, DEVELOPMENT, CYBER, AUTOMATION:
SECURITY:
How can your response be improved for future incidents?
Be certain that your operation works with Technology Risk Management and Information Security Division to ensure cyber vulnerability remediation solutions are understood and implemented.
Do you schedule reports to automatically run and be distributed on a set schedule?
Provide network security policy management across cloud and on-premises networks, proactively assess policy change requests for risk and compliance violations, automate network security changes, assess risky traffic flows, safely remove firewall rules when business applications are decommissioned without impacting other applications, and generate reports for audit-related activities.
What are the goals and objectives of the other identified stakeholders?
Implement a system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
Are companies leveraging data analytics to develop key risk indicators?
Work with Compliance team members to develop security risk management guidance for the business.
Are there any legacy systems that have known issues with automated scanning?
Collaborate with the Information Security Vulnerability Management team to enhance network scanning and cloud service provider configuration scanning.
Do you need to develop automated procedures for Incident Handling?
Work with Application Security and Vulnerability Threat Management teams to prioritize team requirements, develop execution delivery plans, and design a delivery feedback mechanism for product delivery tracking.
What is the cybersecurity industry doing to ensure a more representative workforce?
Generate metrics and reports and present to executive management and line of business directors across the Cybersecurity Team and Information Security Organization.
What is the current picture for the adoption of cybersecurity automation technologies?
Verify that your personnel is using this model: the Insights and Automation team helps other security teams with vulnerability management, resolving configuration issues, triaging security incidents, and understanding your enterprise risk portfolio.
How do you detect and prevent phishing attacks, beyond security awareness training?
Make sure the Risk Management Team is comprised of risk management professionals who are part of the Security and Resiliency function under your Chief Information Security Officer.
What do cyberattacks and hundreds more have in common?
Verify that your process supports all aspects of the information security Risk Management and Security Awareness Program.
RISK:
Will automated or manual procedures be used?
Safeguard that your team improves the Cyber GRC programs, including Third Party Risk Management and Issues and Exception Management, to further mature existing processes and controls, including use of automation and optimization.
Where can cloud-based applications support the automation of workflows such as pricing, customer approvals, compliance, and reporting?
Ensure your primary mission is to perform independent and objective assessments of business activities and related controls with the objective of improving operations (efficiency, (internal) customer experience, and free cash flow); compliance with laws, regulations and company policies; and risk management and the overall system of internal controls.
How do you improve your router security?
Be confident that your workforce is a part of a unique (internal) client proposition, assisting your (internal) clients to develop proper internal controls by leveraging analytics and technology solutions to underpin efficient execution of governance, to optimise their risk and compliance policies and processes and improve business performance.
Who is involved in patching policy?
Assure your organization is involved in building and managing data-driven compliance and risk management programs.
Why do you conduct performance audits?
Oversee that your personnel is driving the QA team in the development of the test scenarios and test execution, test management of the overall test schedule, quality assurance resource requirements, testing effort estimation, risk assessment, defect triaging, and test data management end-to-end across all the project subsystems, and conducting/coordinating testing meetings with all the internal and external core teams.
Do governance processes and your organizational culture enable effective risk management?
Make sure the goal of the Cyber Risk Management team is to enable leaders at all levels of your organization to make reliable and defensible business decisions about cyber risk.
How do customer analytics solutions automate the machine learning process?
Lead efforts to onboard enterprise-wide compliance solutions such as GRC platforms, third party risk management platforms, whistleblower management systems, and data privacy management systems.
Are the impacts of using contractors addressed?
Be a consultant and catalyst for improvement by assisting management in the improvement of IT controls and management of risk by providing value-add IT control and business process recommendations.
Do you need some ideas to get started in mapping out your Cybersecurity Training Plan?
Make headway so that your strategy evaluates the effectiveness and efficiency of IT controls, risk management and governance processes across a wide variety of IT Platforms, Product Lines and Business Unit operations.
How comprehensive is your cyber incident response plan?
Establish partnerships with business leaders and ensure that audit processes are aligned with strategic direction through the development of an appropriate risk assessment process supporting the development of the rolling audit plan and execution of audits in alignment with the approved audit plan.
MANAGEMENT:
Does your cybersecurity plan include recognition of critical facilities and/or cyber assets that are dependent upon IT or automated processing?
Make sure the Information Technology Service Management (ITSM) Incident Process Analyst supports the design, deployment, and operations of IT Infrastructure based processes.
Do you have devices that provide support for automated security status monitoring tools, specifically for monitoring system events related to cybersecurity (for example, syslog)?
Develop experience building tools to support data management and automation, including dashboards and SQL-based data manipulation tools.
Which industry sector does your organization operate in?
Oversee the annual assessment of design and operating effectiveness of IT controls, including identification and evaluation of deficiencies; creation and tracking of management action plans; coordination with the External Auditor for reliance controls; ensure overall audit quality of Internal Audit activities and that the Internal Audit team complies with the Internal Audit standards.
What capabilities are enhanced by automation and the use of tools?
Identify resource requirements; assign tasks to project members, report progress; ensure (internal) customer and management involvement throughout the software development lifecycle process; resolve critical issues affecting the configuration of the IT infrastructure; and coordinate the demonstration of new and enhanced applications to (internal) customers and management.
Is your reporting across the subcategories of non-financial risk consistent?
Secure that your organization establishes a test and automation strategy, creating common test frameworks, defining and managing test processes including test data generation, defect management and reporting.
Who was involved in completing the assessment?
Oversee that your team is involved in configuration of SIEM tools, including log aggregation, alarm management, and integration into an incident management process.
How do you choose the best antivirus software?
Lead threat modeling, design use cases and create correlation rules for threat detection and regulatory compliance via SIEM platform, applying a combination of hands-on technical skills and staff management responsibilities.
Have you identified and protected your most valuable processes and information?
Partner with the Issues Management team to ensure that deficient processes and areas are covered, and to ensure issues identified are tracked and monitored.
How will you inform the business with automated monitoring and reporting?
Make headway so that your process is responsible for management of the Incident Response Program that includes incident response service delivery end to end, from evaluation to resolution/lessons learned and reporting.
How much of your cybersecurity budget is spent on solving past problems?
Guarantee your staff participates in access management automation efforts to minimize manual work and ensure transparency in all aspects of the secure cloud ecosystem.
DATA:
Are all pertinent changes reviewed?
Make sure your operation is involved in system implementation review under management, including review of user acceptance testing (UAT), data conversion, interface testing, and access review.
Are you currently monitoring your cloud environments for security incidents?
Certify your workforce validates the logging of information or data into log monitoring tools such as Sumo Logic to ensure compliance and effective logging of the application, network, infrastructure and website traffic.
Does automation of management of the system account really exist?
Leverage your expertise of cyber data and information to analyze and identify data requirements by using specialized tools and services and developing intelligence products.
Who in your organization is responsible for governing and managing risks emerging from automated processes?
Monitor and track execution of required testing and auditing activities by the responsible Data and Digital teams to ensure compliance with the Data and Digital control framework.
Does it include support systems, backup systems and utilities?
Lead the strategic design and implementation of the data architecture for your Business Intelligence initiative as well as other processes that support the business.
How is NIST promoting the use of automation for continuous monitoring activities?
Assure your team is involved in collecting data, performing analysis and promoting data-driven decision making.
How often are you involved in your organization's cybersecurity issues?
Safeguard that your organization is involved in log/data analysis tools such as Splunk, MySQL, MongoDB, and data pipelines.
Is the cloud application research team augmented by machine learning and automation?
Conduct analysis on very large data sets using standard industry tools and languages for systems engineering, operations research, modeling, and simulation.
What can be learned from test automation?
Secure that your personnel conditions and generates test data and ensures data compliance requirements are met on all levels of test environments.
Do your mobile devices have complex passwords or PINs with time-sensitive, automatically locking security features?
Be confident that your workforce is involved in the coordination, development, and tracking of responses for data call inquiries from higher echelon or other organization departments.
TECHNOLOGY:
How do you stretch your capabilities into new areas?
Lead key Internal Audit technology initiatives around process improvement, including increased use of data analytics, process automation (RPA), etc.
What can organizations do to make measurable improvements in cybersecurity analytics and operations?
Establish that your workforce is leveraging delivery analysis and tools to evaluate, optimize, and continuously improve team output and delivery of business and technology outcomes.
What is the marginal benefit per unit cost of doing more, or less?
Check that your process is acting as a change agent for technologies and supporting processes by leveraging Agile practices to maximize results measured by performance and availability, business agility, technology freshness, and cost optimization.
What are some best practices for automating compliance processes?
Apply information systems development, implementation, and operation control concepts in a variety of technology settings, and assess the exposures from ineffective or missing internal control practices.
Did notification and reporting work well?
Coordinate and collaborate with Information Technology (IT) and Operational Technology (OT) organizations in response to classified and unclassified physical and cyber threat reporting.
Which are the ICS cybersecurity related challenges?
Make sure the team works across your organization and, in particular, closely with Technology, Legal, Finance, Human Resources, and Data Governance.
Do all remote workstations that access a dial-up enabled critical cyber asset automatically become critical assets themselves?
Work closely with IT and business teams on the operation of Data Protection related technology.
Do you knowingly open emails that are delivered to your spam folder?
Oversee that your company is involved in building propositions that blend professional services with technology and automation to deliver consistent, repeatable solutions.
Are you monitoring your network to detect potential cybersecurity events?
Develop experience leading a technical team through comprehensive technology software upgrades over an accelerated delivery schedule.
What is responsible disclosure and how does it work?
Ensure your mission is to provide business technology solutions for the enterprise that empower growth, and enhance value across brands, geographies and organizations.
COMPLIANCE:
What capability exists to gather forensics and investigate a cyber incident?
Invest in the development and implementation of business processes, procedures and tools to ensure compliance with applicable regulations and corporate policies.
Does the executive actively support a secure online environment?
Be confident that your group is driving key outcomes in support of regulatory and compliance needs, new revenue growth, process optimization, and other business-wide analytics needs.
Do you have frequent exchanges with others that could be automated and preprogrammed, freeing up valuable time and resources?
Assess the design of compliance-related controls, and keep abreast of new regulatory or process changes from system implementations or business model transformation.
How do you provide self-service and/or automated mechanisms where your employees can help find and/or fix issues themselves with great levels of transparency and understanding of the issues?
Be certain that your organization is working with the internal compliance team to write self-identified compliance issues, corrective actions, and find solutions for issues.
How is automated sharing supported?
Ensure processes are fully met in line with organization guidelines, policies and standards; and support compliance reviews, testing and audits.
Have sector-specific security priorities been defined?
Develop experience partnering with Engineering, Product, and Development teams to define compliance needs in a multi-product environment.
Who is responsible for better cybersecurity?
Ensure your design is involved in internal controls practices and compliance topics such as Sarbanes-Oxley testing.
Why does the cost soar when including support units?
Help with automation to support compliance with various regulatory and industry standards requirements.
Is the cost of fully remediating the risk reasonable?
Ensure you are focused on ensuring controls deliver the most business value, with involvement in designing compliance approaches that optimize speed and cost of compliance.
What do other organizations see as the greatest challenges in improving cybersecurity practices across critical infrastructure?
Oversee that your workforce is involved in configuring SaaS systems utilizing compliance best practices.
CLOUD:
Who should be involved in continuous monitoring activities?
Secure that your team is involved in system administration in a large enterprise environment, including Windows and Linux servers and workstations, network administration, and cloud administration.
What is a set of data processing components that are automatically provisioned by providers, accessed over a network, and provides secure multi-tenancy?
Make sure the Software practice provides design and engineering of Software Applications, Automation and Software Infrastructure technologies for Cloud and On Premise.
What is the trusted registry that guarantees the authenticity of client and server public keys?
Ensure your teams serve your businesses and functions with digital solutions, such as cloud computing, machine learning, process automation and artificial intelligence, among many others.
Where do the greatest risks come from when it comes to automation?
Leverage new tools that enable the cloud engineering team to test things in new ways.
Does it provide security automation to help keep defenses tuned by automatically tailoring policies to the ever-changing environment?
Secure that your strategy is enabling the cloud engineering team to build its own automated tests upon testing tools/frameworks you provide.
How do you set up AWS IAM for your organization?
Collaborate on determining the root cause of production bugs or outages, and supporting the cloud engineering team to create tests that prevent future outages or regressions.
Who is involved in patching policy?
Guarantee your team is involved in securing cloud services.
When was the incident first identified?
Make sure your company is partnering with engineering to develop threat models and threat mitigations for applications and Cloud infrastructure.
Which cloud providers does your organization use?
Manage cloud and endpoint hardening baselines to ensure consistent implementation organization-wide.
Who could argue, since nearly every known cybersecurity solution has failed to prevent data breaches?
Be confident that your process is involved in server platforms, virtualization, containers, and cloud technologies.
DEVELOPMENT:
Does the system employ automated mechanisms with supporting procedures or manual procedures for cryptographic key establishment and key management?
Lead evolution of secure software development process and practices supporting growth of the team and new product initiatives.
How many full-time equivalent employees are there in your IT?
Secure that your operation has involvement installing, managing, and operating continuous monitoring support solutions, including development of metrics for reporting and auditing.
What is your current approach to responsible disclosure?
Be certain that your workforce is responsible for multifunctional development projects in software analysis, design, development, and implementation for a new system or major enhancement to an existing system; draft project plans.
Do you have a detailed, written plan for your security support?
Warrant that your strategy supports the development of procedures, work instructions, and templates to support process execution.
How do you address the growing cyber risk challenges facing your business?
Safeguard that your team contributes to the development of policies and procedures related to threat operations.
Do your existing security measures help mitigate risks?
Support the development of analytics and process automation to improve the efficiency and efficacy of auditing.
Do you have firewalls and automatically updating antivirus software in force across your network?
Lead process inquiries, walkthroughs and procedure reviews to support the development of QA test work papers.
Who is responsible for cybersecurity?
Oversee that your workforce is responsible for ongoing mentoring and development of IA team members.
Will there be further consultations on implementation details?
Consult on the development of business requirements for new system implementations and enhancements.
What differences make a difference?
Establish that your design is integrating Rapid Delivery (Agile or other) principles into team practices and work products, including coaching the team on reporting, backlog development, refinement and prioritization and facilitating team ceremonies.
CYBER:
Who supported resolving the incident?
Make sure the team's mission is to provide monitoring and analysis of the cyber, fraud, and physical threat landscape to drive timely and effective response operations and support operational resilience.
Are affected employees trained in cybersecurity matters, as appropriate?
Make sure your team monitors cyber assets and critical infrastructure to ensure system uptime.
How often are you involved in your organization's cybersecurity issues?
Confirm that your workforce is involved in implementing and managing core cyber threat intelligence technologies and associated processes.
Can the solution automatically analyze, contextualize, and remediate incidents?
Coordinate incident response activities across teams or directly with stakeholders to identify and remediate potential cyber threats.
What needs to change in cybersecurity automation to further enhance risk based decisions?
Secure that your design is developing tools to enhance cyber threat intelligence capabilities.
Has a cybersecurity risk assessment been undertaken and acted upon?
Interface so that your organization is involved in guiding and developing Cyber GRC vision, strategy, and implementation roadmap.
How can virtue ethics help you to understand what your moral obligations are?
Collaborate with incident response (IR) teams by supporting with technical analysis of malicious cyber events and malware/exploits.
Is the automation industry enabling cyber attacks?
Make sure the Cyber Investigations and Insider Threat Leader is responsible for protecting the business and people while enabling your products and services.
How will standards of practice for secure development be created and enforced with new partners?
Oversee all aspects of the Cyber GRC task area, leading a team on large and small projects or a significant segment of large and complex projects.
Do you centrally manage and monitor all user accounts and login events on your network?
Manage Cyber Threat and Incident Response Manager.
AUTOMATION:
Are you using an automated patch management system?
Confirm that your workforce is involved in process automation using tools like PowerShell and Python.
Who was involved in completing the assessment?
Secure that your organization is involved in Robotic Process Automation (RPA) or Artificial Intelligence (AI).
Why has the role of intelligent code in cyber operations increased so rapidly?
Perform analysis of escalations from analysts and work to identify process changes and/or automation to increase the efficiency of incident response.
Have you developed clear business cases for your cybersecurity investments?
Guarantee your team works to create automation and orchestration solutions to invest in threat operations.
Who is involved in patching policy?
Oversee that your process is involved in Controls and Automation Engineering.
Is it feasible to implement automatic gesture search using machine learning methods?
Understand priorities and work through complex issues to identify, develop and implement effective solutions for process and/or system optimization and/or automation.
Does your organization have any testing tool which can be leveraged for test script development, automated testing, etc.?
Liaise so that your team creates a test automation strategy across the application stack: UI, API, Backend, etc.
Is enterprise risk being reduced?
Safeguard that your operation supports automation and orchestration to maximize team talent and reduce routine tasks.
Who was involved in completing the assessment?
Safeguard that your process is involved in automation and infrastructure as code.
How do you maintain your IoT devices?
Establish process improvements utilizing automation for audit testing, task creation, evidence validation and establishing in scope system documentation.