Thursday, March 12, 2015

Back to basics

Recently I switched jobs and one of the interesting parts of changing jobs is everything is new and you have the 'fresh pair of eyes'.

The new environment has everything, a big network, mobile, malware and other attacks and a bunch of people.

It is this people factor that is actually the most challenging. Right now besides the technical aspects of the job, I am trying to convince a lot of people that the techie side of security is only a small fraction of the job.

Technically it has been the basics:
* user accounts and privileges
* tools
* network segregation
* vulnerability management
* incident response

Although it isn't possible for every organization to hire new infosec people all the time, it remains in my opinion a good exercise: Ask yourself why the things are as they are and evaluate the needs of the organization, they might have changed.

No comments: