Last Week As A vCISO

Share this post

It's 2021! Time For An InfoSec Strategy?

www.lastweekasavciso.com

It's 2021! Time For An InfoSec Strategy?

Happy New Year! Lots has happened in 2020 with relations to information security, but the biggest thing has been the accelerated (often unwillingly) push towards digital transformation.

Ayman Elsawah
Jan 3, 2021
Share

Happy New Year!

Lots has happened in 2020 with relations to information security, but the biggest thing has been the accelerated (often unwillingly) push towards digital transformation. That being said, if you haven't already put together an information security strategy, starting a new year is as good a time as any!

So what is one to do? Where does one start?

Well, one place to start is understanding what data you are trying to protect and work your way back from there. After you've identified some of your important data, some questions to ask are:

  • Who (and what systems) have access to that data?

    • Do they need the ability to read and modify, or can they do their job with read-only?

    • Is access audited and logged somewhere?

  • What would be the impact if that data was deleted?

  • Is it backed up?

    • Have you tested your backups?

  • Is the data safe when it travels (encrypted in-transit) and is it shared with specific people or available to anyone with a link?

These are just some basic questions to consider when trying to prioritize security, essential when putting together a security strategy. This is all a part of Threat Modeling and trying to understand where a threat can take advantage of your overall system.

There is a lot more to putting together an information security strategy of course, but I just wanted to highlight some thought exercises to help you on your way.

Happy New Year!

Ayman

If you liked this email, forward it to a friend! I'd appreciate it.

Share
Previous
Next
Comments
Top
New
Community

No posts

Ready for more?

© 2023 Ayman Elsawah
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing