Integrated Strategy to Protect and Defend your Enterprise
Saravind Rajan (PMP? , ITIL4?)
Project Management | Service Delivery Management |
The Unified Enterprise Defense structure was developed by Capgemini to outline and characterize all of the important elements that an organization must develop and integrate cohesively, to have an effective strategy for protecting and defending an enterprise from all cybersecurity threats.
What they have done is that they have integrated evidence-based approaches and frameworks such as ISO, NIST and CMMI into their
Unified Enterprise Defense strategy.
This strategy drives a comprehensive evaluation for how an organization both protects and defends the enterprise through proper visibility and effective leverage of threat intelligence.
This model spans four major states; Foundational, Reactive, Proactive and Adaptive. Using these states as a measurement scale Capgemini’s
Cybersecurity Defense Maturity Evaluation evaluates 13 domains with an emphasis on the following cybersecurity functions:
Emerging security capabilities
The enterprise has started to build out capabilities for foundational areas of security aligned to risk. Operations take place in a distributed manner, and a standardized model and consistent approach have not been defined and do not focus on network defense functions.
领英推荐
@) Defined security operations
The enterprise has a baseline of repeatable security operations and may have a dedicated team for network defense. Workloads are cyber response activities, preventing effective defensive operations. Threat intelligence may be leveraged in an ad-hoc capacity.
@) Integrated defensive operations
The enterprise has aligned both aspects of securing the enterprise and defending the enterprise into a well-defined industry model. Threat intelligence is integral to daily operations and feeds detective and defensive strategies.
@) Adaptive intelligence operations
The enterprise has established a mature cyber defense program. Operations continue to mature and adapt through automation efficiencies and partnerships as the threat landscape changes. Custom capabilities are established and threat intelligence managed to the degree that historical data trending enables the security organization to stay ahead of adversaries.
It can provide your company an understanding of their existing cybersecurity posture, visibility to and providing a plan for addressing gaps along with a benchmark capability to continually measure your cybersecurity effectiveness.