What is the hardest thing when you start to implement cybersecurity in your organization?
How do you choose the right tools(like SIEM, SOAR)?
“Start to implement cybersecurity” is a horrifying phrase lol. It should be built from the ground up, foundational.
But I’ve been in immature environments so I know your pain.
SIEM is great, but only if you have the man power to manage it daily.
Start with the easy low hanging fruit. Authentication and Authorization. Get MFA in place, solid password policies, etc.
From there, infrastructure security. Good firewall practice, solid DMZ hardening, patching up your crud, asset inventory and security etc. Baselines all around.
From there move into access control. Role-based access, access reviews, ensuring that everyone has the right level of access for their job.
Those three alone are huge milestones. Once that’s in place, you can start to focus on the fine tuning and monitoring like SIEMs and whatnot.
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Username or Email Address