Some questions to think about, as a CISO

1. What if your budget is cut by 50%?

  • Have you properly classified your projects by priority and cost?
  • Do you have a list of mandatory and non-mandatory projects?
  • Are some projects just related to Security?

2. What if you have only one project to motivate for the FUTURE?

  • Innovation?
  • Added value?

3. Can the next PenTest be driven by ‘objectives’, not just Scan & analyze?

  • Get the client database?
  • Get the payroll list?
  • Check internal security awareness and line of defense – Drop USB with fake data inside the organization.
