Discuss your company’s business critical information
Discuss your company’s cyber, physical, cultural, and procedural vulnerabilities.
Does your company have appropriate HR and IT security policies and practices?
What sort of physical security policies and practices are in place?
How is your security ecosystem?
Antivirus on all systems?
Network monitoring and intruder detection?
Network access security: logins, access control lists, firewalls, DMZs, etc., in place?
How much is automated and how much manual?
Recommend what your company needs to do to address its security strategy gaps.
Recommendations should be actionable and linked directly to the Technology Road Map in Week 3.
Ensure that your recommendations are focused on root causes.