In the wake of recent high-profile security incidents, I started wondering: what, generally speaking, should an organization's security priorities be? That is, given a finite budget — and everyone's budget is finite — what should you do first? More precisely, what security practices or features will give you the most protection per zorkmid? I suggested two of my own, and then asked my infosec-heavy Twitter feed for suggestions.
I do note that I'm not claiming that these are easy; indeed, many are quite hard. Nevertheless, they're important.
I started with my own top choices.
The next suggestion is one I should have thought of but didn't; that said, I wholeheartedly agree with it.
The next set of answers has to do with recovery: assume that you will suffer some penetration. Now what?
I would add: test recovery. I've seen far too many situations where backups were, for some reason, incorrect or unusable. If you don't try them out, you have no reason to think that your backups are actually useful for anything.
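One way to run such a test, as an added example that is not part of the original post: restore the archive into a scratch directory and compare every file against a SHA-256 manifest recorded at backup time. The gzip'd tar format, the manifest, and the names `build_manifest`, `restore_drill` and `run_demo` are assumptions made for illustration, and the sample files are constructed.

```python
import hashlib, tarfile, tempfile
from pathlib import Path

def sha256_file(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_manifest(root):
    """Taken at backup time: relative path -> SHA-256 for every file under root."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in Path(root).rglob("*") if p.is_file()}

def restore_drill(archive, manifest):
    """Restore into a scratch directory; return a list of problems (empty = usable)."""
    problems = []
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive, "r:gz") as tar:
                # The "data" filter (where this Python has it) refuses unsafe members.
                extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
                tar.extractall(scratch, **extra)
        except (tarfile.TarError, EOFError, OSError) as exc:
            problems.append(f"archive unreadable: {type(exc).__name__}")
        for rel, digest in sorted(manifest.items()):
            restored = Path(scratch, rel)
            if not restored.is_file():
                problems.append(f"missing: {rel}")
            elif sha256_file(restored) != digest:
                problems.append(f"content mismatch: {rel}")
    return problems

def run_demo():
    """Constructed sample data: a good backup, one that skipped db/, one cut short."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "src")
        (src / "db").mkdir(parents=True)
        (src / "app.conf").write_text("listen=127.0.0.1\n")
        (src / "db" / "dump.sql").write_text("".join(f"row {i} {i * i}\n" for i in range(500)))
        manifest = build_manifest(src)
        paths = {n: Path(work, n + ".tgz") for n in ("good", "partial", "cut")}
        for name, entries in (("good", ["app.conf", "db"]), ("partial", ["app.conf"])):
            with tarfile.open(paths[name], "w:gz") as tar:
                for entry in entries:
                    tar.add(src / entry, arcname=entry)
        good = paths["good"].read_bytes()
        paths["cut"].write_bytes(good[: len(good) // 2])  # transfer cut short
        return {n: restore_drill(p, manifest) for n, p in paths.items()}

if __name__ == "__main__":
    print(run_demo())
```

The backup job that skipped `db/` completes without error and produces a valid archive; only the restore-and-compare step shows that the database dump is not in it.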