https://community.isc2.org/t5/Governance-Risk-Compliance/CyberSecurity-strategy/m-p/47603#M485 <P>How are Cybersecurity professionals forming their strategy?</P><P>It makes a lot of sense to follow lessons learnt, and to have objectives that can be met.</P><P><SPAN>The same issues are clear in other defence avenues.</SPAN><BR /><SPAN>We're constantly suffering from being behind and not being able to proactively stop new attacks. </SPAN></P><P><SPAN>Our strategy needs to put us in the driving seat and do better than just reacting.</SPAN><BR /><BR /><SPAN>An article i read on military defence listed four aspects of that strategy and i</SPAN><SPAN>n Cybersecurity terms they could look like this:</SPAN><BR /><BR /><SPAN>Firstly, we need complete freedom of action, and support from the board and senior management</SPAN><BR /><SPAN>Second, we should be capable of being on top of most known threats due to protective measures</SPAN><BR /><SPAN>Third we should have a good picture of what is happening around us</SPAN><BR /><SPAN>With the first three we should be superior to other systems when applying countermeasures.</SPAN></P><P>&nbsp;</P><P><SPAN>It would be good to exchange views on strategy choices and see how objectives are going to be met.</SPAN></P> Mon, 09 Oct 2023 09:59:04 GMT linzeeb 2023-10-09T09:59:04Z https://community.isc2.org/t5/Governance-Risk-Compliance/CyberSecurity-strategy/m-p/47603#M485 <P>How are Cybersecurity professionals forming their strategy?</P><P>It makes a lot of sense to follow lessons learnt, and to have objectives that can be met.</P><P><SPAN>The same issues are clear in other defence avenues.</SPAN><BR /><SPAN>We're constantly suffering from being behind and not being able to proactively stop new attacks. </SPAN></P><P><SPAN>Our strategy needs to put us in the driving seat and do better than just reacting.</SPAN><BR /><BR /><SPAN>An article i read on military defence listed four aspects of that strategy and i</SPAN><SPAN>n Cybersecurity terms they could look like this:</SPAN><BR /><BR /><SPAN>Firstly, we need complete freedom of action, and support from the board and senior management</SPAN><BR /><SPAN>Second, we should be capable of being on top of most known threats due to protective measures</SPAN><BR /><SPAN>Third we should have a good picture of what is happening around us</SPAN><BR /><SPAN>With the first three we should be superior to other systems when applying countermeasures.</SPAN></P><P>&nbsp;</P><P><SPAN>It would be good to exchange views on strategy choices and see how objectives are going to be met.</SPAN></P> Mon, 09 Oct 2023 09:59:04 GMT https://community.isc2.org/t5/Governance-Risk-Compliance/CyberSecurity-strategy/m-p/47603#M485 linzeeb 2023-10-09T09:59:04Z