How do you organize your cybersecurity tools and measure their performance?

Danielle Moses
4 replies

Replies

Daniel
Many startup doesn't take cybersecurity seriously. Some startup will end up learning the need of cyber security the hard way, but cyber security in the field of startups is not something that can bring traction to the website already valid security feature for most companies. Cyber security expert and tools can cost a lot especially when startups don’t make much. After working in a few startups one of the most important features that startup should integrate must definitely have an SSL certificate for the HTTPS request and HSTS record. - Promoting SFTP over FTP. - Using the free version of Cloudflare for DDoS protection. - A basic JavaScript for avoiding XSS injections on the website. - DKIM, SPF, DMARC records for e-mail should also be a good practice to integrate. - Keep all software updates an employee computer free from viruses. All of those features can be integrated for free.
PaulWells
At first, I was not very responsible about cybersecurity and later regretted it. So now I prefer to choose responsible detection and response services that cope with new modern cyber threats. By the way, from one article I learned a lot of useful tips and more about how mdr service providers work https://underdefense.com/blog/to... . I recommend that you also read it, because here you can learn a lot of interesting things.
Johannes Mattes
i like metrics like the following to measure the performance of my cybersecurity tool landscape: - Number of currently patched IT systems/total number of IT systems (adjusted for authorized exceptions) - Mean time to detect an information security incident (MTTD) - Average time taken to remediate critical and high vulnerabilities identified during penetration tests
Rosalie Steame
I agree with the comment above, and besides, you can configure DMARC yourself - in just a few minutes. You can find more information about this here https://sh.consulting/blog/dmarc... . This is vital protection against domain spoofing, cyber threats such as phishing attacks, and increases transparency in the email you send.