Creating a Cyber security roadmap

1. Identifying and monitoring your organisations’ attack surfaces 
    
   One of the reasons why cyber security hackers and malware spreaders are so successful is that they exploit the hidden risk arising from complex ecosystems. With organizations today having multiple systems, VMs and infrastructural components located on-premise, on cloud and in diverse geographies, it becomes quiet tough to pinpoint out the attack or risk areas and contain the risk blast within the smallest radius. The risk can be anywhere. It can be a simple misconfiguration or a careless left open port or a legacy software which has not been upgraded. So, spotting the risk in the organisations’ digital portfolio becomes the primary responsibility for Cyber security experts. One of the best methods to do it is to ensure continuous scanning and monitoring of the attack surfaces to visualise the vulnerable points in the IT infrastructure. It helps you identify misconfigurations, vulnerabilities and missing security updates anywhere in your organisation. 

2. Benchmarking Cyber security performance of your assets 

You need to set benchmarks for cybersecurity performance of your assets. For benchmarking, you need to set KPIs of Cybersecurity performance. The most common KPIs that you can use include 

• Preparedness level- These measures how many devices in your infrastructure are parched and using the latest versions. It identifies the firewalls, and other security measures installed at various vulnerable points in the IT architecture. 
• Unidentified or poorly configured devices on networks- Often unidentified or poorly configured devices are the hotspots of mischief by hackers and malware artists. So network intrusion detection systems should be put in place. 
• Mean Time to detect- It denotes the least time in which an incident or intrusion is detected by your cyber security team 

• Mean Time to resolve- It is the time required for your team to respond to the attack issue. 
• Mean Time to Contain- It denotes the time required to contain identified attack vectors across different end points. 
• Patching cadence- It denotes the frequency with which your security team reviews organisation processes, networks and applications for remediating vulnerabilities 

There are many other KPIs which should act as the baseline for measuring cybersecurity performance and benchmarking them 

3. Ensuring proper security plan for third party devices and tools 

Third parties are an integral part of your business. You need to audit the security postures of your vendors, ensure that the SLA contains all the terms making vendors responsible for their products and tools and the probable security breaches that can occur from them. This is more so important if your vendor needs to access sensitive data of the organization for providing their services. All the certificates, licenses must be checked to understand whether the security measures are clearly stated there. It is important to check the ratings and reviews of your IT vendors and providers. 

4. Enable security training and skills  

You need to equip your teams with proper cybersecurity training, tools and methods to ensure that your team is capable of managing security of the entire infrastructure. 

Finally, you need to create the blueprint of cybersecurity implementation in the organization and test the implementation