What’s on your Wish List?

Not sure how things go in your house, but in my house everyone seems to have their mile long holiday wish list. What I’ve found is that asking for a few focused items is always better than the mile long list.

Clients continue to ask what should be in their 2022 security plan (budget). While it varies from environment to environment, a strong security program always includes a Defense-In-Depth approach with ways to address key threat vectors.

The following is my wish list for every security organization worldwide.

1. Regular vulnerability testing and continuous scanning throughout the year

2. Strong information security program encompassing all aspects of security:

   • Defense in Depth Architecture with configuration checks

   • Processes & Procedures especially for patch and vulnerability management

   • Regular testing

   • Dashboard executive reporting

3. Defense-In-Depth gap analysis & funds to fill in the blanks

4. Absolute Must Haves

   • MFA

   • SEIM

   • Endpoint protection

   • Antiphishing Tools

   • Anit Malware Tools

   • DLP

Wishing everyone safe and happy holidays from the Pillar Team!