Knowledge is power, especially for CISOs. Without a comprehensive understanding of their security posture, defending the enterprise becomes a game of gut feelings.
The average CISO spends a great deal of time acquiring that knowledge: a firm grasp of the enterprise's IT infrastructure, the types of vulnerabilities creating the most risk, and the current threat landscape. Because the enterprise attack surface changes rapidly, understanding the organization's security posture is an ongoing process, not a one-time assessment.
Staying informed on the state of your security posture starts with asking questions. The challenge is getting answers that are accurate and timely. Here are some of the top questions that CISOs are asking about their security posture.
CISOs ask questions about their inventory to understand every type of device on their network, the software running in each device category (networking, storage, servers, etc.), and ultimately the scope of what they are defending. Knowing that scope starts with getting answers to basic inventory questions like:
- How many smartphone/tablet assets do we have?
- How many assets do we have with Java installed?
- How many of our desktops are running Firefox?
The exploitable vulnerabilities in your security posture span 9 types, and unpatched software is only one of them. Security leaders should ask questions about vulnerabilities to ensure systems are being patched, good cyber hygiene is being practiced, and any vulnerability that appears on a business-critical asset is mitigated quickly:
- Which assets in my enterprise have unpatched software?
- Which critical servers are using expired or self-signed certificates?
- Which critical assets have users logging in with weak passwords?
Threat hunting has evolved into a proactive operation that targets indicators of risk (the conditions that make an asset exploitable by a threat active in the wild) rather than only indicators of compromise after the fact. Questions about the threat landscape should identify which assets are most susceptible to the most relevant and current threats:
- Which assets in my enterprise are susceptible to SambaCry (CVE-2017-7494, remote code execution in Samba)?
- Which assets have vulnerabilities similar to Broadpwn (CVE-2017-9417, the Broadcom Wi-Fi chipset flaw)?
- Which of my users are most likely to be phished?
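The inventory, vulnerability and threat questions above are all queries over the same asset data. The following Python is an added example (not Balbix code or a Balbix API) that answers them over a small constructed inventory: every hostname, version, certificate date and threshold in it is invented, and the SambaCry version range is simplified to the 4.6 fix release rather than taken from the vendor advisory. It shows the checks a practitioner actually needs behind each question: version comparison against a patch baseline, expired and self-signed certificate detection (issuer equal to subject), weak-password login counts on critical assets, and matching installed versions against a threat's affected range.

```python
"""Security-posture queries over a constructed asset inventory (added example)."""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(v: str) -> Version:
    """'8.0.131' -> (8, 0, 131); tuples compare element-wise, oldest first."""
    return tuple(int(p) for p in v.split("."))


@dataclass
class Cert:
    subject: str
    issuer: str
    not_after: date


@dataclass
class Asset:
    name: str
    category: str                       # smartphone, tablet, desktop, server
    critical: bool = False
    software: Dict[str, str] = field(default_factory=dict)  # product -> version
    cert: Optional[Cert] = None
    weak_password_logins: int = 0       # logins whose password failed policy


# Constructed inventory: every host, version and date below is invented.
INVENTORY: List[Asset] = [
    Asset("phone-01", "smartphone", software={"ios": "10.3.3"}),
    Asset("tab-01", "tablet", software={"ios": "10.3.2"}),
    Asset("desk-01", "desktop", software={"firefox": "54.0", "java": "8.0.131"}),
    Asset("desk-02", "desktop", software={"firefox": "55.0.3"}),
    Asset("srv-web", "server", critical=True, software={"java": "8.0.144"},
          cert=Cert("srv-web.example.com", "Example Corp CA", date(2017, 6, 30))),
    Asset("srv-file", "server", critical=True, software={"samba": "4.4.13"},
          cert=Cert("srv-file", "srv-file", date(2019, 1, 1)), weak_password_logins=3),
    Asset("srv-db", "server", critical=True, software={"samba": "4.6.4"},
          cert=Cert("srv-db.example.com", "Example Corp CA", date(2019, 1, 1))),
]
TODAY = date(2017, 8, 1)  # constructed "now" so the example is reproducible

# Hypothetical patch baseline: minimum version considered patched per product.
PATCH_BASELINE: Dict[str, Version] = {"firefox": (55, 0, 0), "java": (8, 0, 144), "samba": (4, 6, 4)}

# Threat definition: product plus the version range the threat affects.
# SambaCry (CVE-2017-7494) range simplified to the 4.6 fix; use the advisory in practice.
SAMBACRY = {"product": "samba", "affected_from": (3, 5, 0), "fixed_in": (4, 6, 4)}


def count_by_category(inv, categories):
    """How many assets fall into the given device categories?"""
    return sum(1 for a in inv if a.category in categories)


def assets_with_software(inv, product, category=None):
    """Which assets (optionally of one category) have this product installed?"""
    return [a.name for a in inv
            if product in a.software and (category is None or a.category == category)]


def unpatched(inv, baseline):
    """Asset -> products installed below the baseline version."""
    out = {}
    for a in inv:
        stale = sorted(p for p, v in a.software.items()
                       if p in baseline and parse_version(v) < baseline[p])
        if stale:
            out[a.name] = stale
    return out


def bad_certs(inv, today):
    """Critical servers whose certificate is expired and/or self-signed."""
    out = {}
    for a in inv:
        if not (a.critical and a.category == "server" and a.cert):
            continue
        reasons = []
        if a.cert.not_after < today:
            reasons.append("expired")
        if a.cert.issuer == a.cert.subject:   # self-signed: issued by itself
            reasons.append("self-signed")
        if reasons:
            out[a.name] = reasons
    return out


def weak_password_assets(inv):
    """Critical assets with at least one login using a policy-failing password."""
    return [a.name for a in inv if a.critical and a.weak_password_logins > 0]


def susceptible(inv, threat):
    """Assets whose installed version of the product falls in the affected range."""
    names = []
    for a in inv:
        v = a.software.get(threat["product"])
        if v and threat["affected_from"] <= parse_version(v) < threat["fixed_in"]:
            names.append(a.name)
    return names


if __name__ == "__main__":
    print("mobile assets:", count_by_category(INVENTORY, {"smartphone", "tablet"}))
    print("Java installed:", assets_with_software(INVENTORY, "java"))
    print("unpatched:", unpatched(INVENTORY, PATCH_BASELINE))
    print("bad certs:", bad_certs(INVENTORY, TODAY))
    print("SambaCry exposure:", susceptible(INVENTORY, SAMBACRY))
```

Two caveats a practitioner would add: version strings in the wild are not always dotted integers (vendor suffixes, build tags), so `parse_version` needs hardening before use on real inventory, and the issuer/subject comparison only catches self-signed leaf certificates, not certificates chained to an untrusted private CA, which needs a chain validation step instead.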
There are also a number of overarching questions about security posture that CISOs need answers to. Although these are difficult to answer, they are what senior executives and the board need in order to see that cybersecurity is aligned with business objectives.
- What is the likelihood that we will be breached?
- What is the potential impact of a breach?
- What is our breach risk, quantified in dollar figures?
If getting accurate answers to questions about your security posture is difficult, getting them in a timely manner probably feels impossible. With Balbix, you can use simple search queries and risk dashboards to ask questions about your security posture and get the answers instantly. Queries you rely on often can be saved to real-time dashboards for an at-your-fingertips view of your overall security posture.
This is a Security Bloggers Network syndicated blog from Blog – Balbix authored by Nate Bradford. Read the original post at: https://blogs.balbix.com/security-posture-questions-and-answers