Step 1: Establish Threat Detection & Resolution Owner (and Team)
Step 2: Define Security Policies
Step 3: Create a Detailed List of Technology & Vendor Security SLAs
Step 4: Differentiate Internal vs External Vendor Security Responsibilities
Step 5: Identify the Critical Applications for Business Operations
Step 6: Conduct System Threat Profile
Step 7: Identify & Resolve Software/Hardware/Cloud/Network Vulnerabilities
Step 8: Identify & Address Third-Party/External Vulnerabilities
Step 9: Establish Industry Threat Information Sharing Protocols
Step 10: Establish Threat/Attack Monitoring Protocol
Step 11: Establish Threat Resolution Protocol
Step 12: Establish Threat Communication Protocol