With everything going on in the cybersecurity space, and a general push towards cloud adoption, security is on top of everyone’s mind. Here are some questions to ask your organization to identify security gaps –
- Incident Management – How well do we detect, accurately identify, handle, and recover from security incidents?
- Vulnerability Management – How well do we manage the exposure of the organization to vulnerabilities by identifying and mitigating known vulnerabilities?
- Patch Management – How well are we able to maintain the patch state of our systems?
- Configuration Management – What is the configuration state of the systems in the organization?
- Change Management – How do changes to system configurations affect the security of the organization?
- Application Security – Can we rely on the security model of business applications to operate as intended?
- Financial Metrics – What is the level and purpose of spending on information security?