Security team objectives

Mailman List Mirror (Read Only)
1

Hello Ramy,

Management and organization buy-in is important. Initially I would say
it would be helpful to do some internal education and awareness, which
helps with the first point. Identify a few things you can improve upon
right away. Some small obtainable achievements would help justify the
team if the team can point to some early success. Then build up that.

FIRST.org, which is the original security team community, has a wealth
of very detailed guides and information you might look over:

  <https://www.first.org/resources/guides/>

John

2

The Big Goal of security can be stated something like this:

"To bend all of the cost and benefit curves to most closely align with the organization's security goals"

If the Board of Directors can't articulate the goals, your pretty much doomed.

David