Smartech-IT Cyberbezpieczeństwo

CYBERSECURITY PROCESS

4D-R2 Philosophy / R.1 REGROUP

Internal/External threats and vulnerabilities.
Organization’s personnel, information, intellectual property, and assets.
Detailed information of an incident to authorized personnel to obtain further instructions to potentially.
Internal/External Threat(s).
R.1
Regroup (you are here)
IT/Cyber personnel,
Management, C-Suite.
Organization’s policies, security training, and infrastructure.
01
Detect

Internal/External threats and vulnerabilities.

02
Defend

Organization’s personnel, information, intellectual property, and assets.

03
Disseminate

Detailed information of an incident to authorized personnel to obtain further instructions to potentially 

04
Destroy

Internal/External Threat(s).

05
Regroup

IT/Cyber personnel, Management, C-Suite.

06
Reforge

Organization’s policies, security training, and infrastructure.

Perform

Incident Response
Disaster/Recovery Team
Initiate Disaster Recovery
Hot Site (If Necessary)
Purple/Blue Team Coordination
Communication to Leadership

Organization

Locations

Hot Site
HQ/Satellite Offices/ Branch locations
Homes (Telecommuter)

Servers

Physical
Cloud (AWS/IBM/AZURE)

Networks

Physical
Wireless
Remote Access Virtual Private Network (VPN)

IT/Cyber Controls

Firewalls / Access Control Lists (ACLs)
Remote Access Virtual Private Network (VPN)
Endpoint Protection (EP)
Email Antimalware
Intrusion Prevention (IPS)
Web Filtering
Asset Management
Network Access Control (NAC)
Mobile Device Management (MDM)
Identity and Access Management (IDAM)
Single-Sign-On (SSO)
Multi-Factor Authentication (MFA)
Privileged Access Management (PAM)
IDAM Governance
Endpoint Encryption (EE)
Database Audit Monitoring
Device Authentication
Web Application Firewall (WAF)
Database Encryption
Cloud Access Security Broker (CASB)
Application Segmentation
Public Key Infrastructure (PKI)
Key Management
Distributed Denial of Service (DDoS) Protection
Application Whitelisting