What is the most overlooked step in a cybersecurity plan?

Security & GRCThreat & Vulnerability ManagementSecurity Strategy & Roadmap+2 more
3.3k views1 Upvote8 Comments
Sort By:
Oldest
Head of Information and Data Analytics in Software3 years ago
No matter what you do, how many of our data we're going to invest, there could be certain things penetrating that perimeter. When that does happen, what kind of incident response plan is in place? What are you going to do about it?
1
CEO and Co-Founder in Software3 years ago
Response is a very important thing that a lot of people don't pay attention to. Everybody assumes a lot of things will happen and things will fall in line. I think last year was a perfect year. How hard it was for even really large entities who have a lot of money to even put a response plan together. If 2020 is any lesson for human life, it's definitely one for cybersecurity. This year is going to be only more interesting and exciting. Every week, congress is making time to have people come talk about cybersecurity. So either they don't have a lot of things to do for the policy or they're just excited about cybersecurity.
1
VP, Director of Cyber Incident Response in Finance (non-banking)3 years ago
This is an excellent question.  I think it's the maintenance of the plan itself.  Because even if you document the plan, and the processes to address the response, each security incident is unique enough that it will require you to update the processes involved.  So the moment you publish your plan, it's already out of date!
1 Reply
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Senior IT Manager in Government3 years ago

Absolutely. I would say actually following it, and keeping it up to date and current, are the biggest challenges. Too many organizations create a plan, the stick it on a shelf until the next annual audit rolls around. It does you no good if you don't actually follow through from the plan.

2
Director of Technology Strategy in Services (non-Government)3 years ago
Communicating it in a way that makes sense to your people.
CIO / Managing Partner in Manufacturing3 years ago
Getting senior executives fully on board and understanding it.

Content you might like

What is your primary deciding factor in adopting enterprise search?

Strategy & ArchitectureCloudEnd-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results
5.7k views3 Upvotes1 Comment

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial ManagementVendor Management
VP of Global IT and Cybersecurity in Manufacturing6 years ago
Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.
Read More Comments
22.1k views3 Upvotes28 Comments

Any recommendations for a comprehensive GenAI learning platform?

EngineeringData & AnalyticsSecurity Strategy & Roadmap+4 more
IT Manager in Constructiona month ago
Hello,
the topic is so broad, what are you focused on?
Read More Comments
4.8k views2 Upvotes5 Comments

In the past 6 months, have you seen an uptick in targeted cyberattacks on telehealth devices and networks?

Security & GRCNetworkThreat & Vulnerability Management+2 more

No Increase16%

1-5% increase47%

6-25% increase24%

26-50% increase6%

51-75% increase1%

76%+1%

Other2%

View Results
1.7k views1 Upvote

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Applications & PlatformsCloudData & Analytics+15 more
Head of Enterprise Architecture MERCK Group in Healthcare and Biotecha year ago
Strategy & Architecture
Read More Comments
39k views5 Upvotes34 Comments