Last week, I spent most of my time in a conference room at RedSeal headquarters presenting our RedSeal Certification training to a mix of our customers and recent additions to the RedSeal team. Showing those in attendance the broad set of capabilities of the system reminded me how important it is to be very clear about the steps for anticipating attack and putting together automation and operations to protect your enterprise and its assets.
Here is my top 10 list:
- Scan your hosts for vulnerabilities
- Prioritize and schedule patching
- Place modern security controls at all ingress and egress points
- Monitor all ingress and egress traffic, triggering alerts and intercepting inappropriate traffic
- Standardize your device configurations
- Create a set of network security zones
- Review your network’s access paths
- Compare access to network security policy
- Track approvals of access between critical zones
- Monitor and report on access found each day
How does your approach compare to this list? What do you think I’m missing? Is there anything I included that you think shouldn’t be here?