--------------------

No. 1

- work from home used to be option, now mandatory.

- focus on business requirements
- understand how users and groups access data and applications
- Now few months passes since Covid-19 sent employees to work from home
- recommended review of what has changed since then.
- this will determine wheather access levels are correct and if any security
measure are stopping users from doing their required tasks.

No. 2

- evaluate risk based vulnerability management.

- dont try to patch everything at once instead focus on exploitable vulnerabilities

and fix that first.

- use threat intelligence, attacker activity and internal asset criticality to

provide a better view of real organizational risk.

No. 3

- XDR collects and correlates data across platforms such as email, endpoints,
servers, cloud workloads and networks.
This enables visibility and context into advanced threats.

- organizations should consider using this technology to simplify and strealine

security.

- How we can benefit from XDR - is with more visiblity and context into threats,
events thats would have not been addressed before
will surface to a higher level of awreness, allowing security teams to quickly
focus and eliminate any further impact and
reduce the severity and scope of the attack.

- In our case we can use O365 Defender, Azure Defender and Setinelone to XDR

No. 4

It can be challenging to secure the public cloud without a means to ensure policy
uniformity across cloud security approaches.

No.5
- make sure the organization has cloud access security brokers in place for cloud
access controls.
this will offer real-time policy enforcement and active blocking.

- Implement CASB (Cloud Access Security Broker) to handle real-time enforcement of

security controls,
- including when necessary and active blocking of suspect traffic.

No.6
- Domain based Message Authentication Reporting & Conformances, DMARC provides
email authentication policy
- phishing emails have gorwn more sophisticated making it harder for end users to
determine whats real and whats not.
- so DMARC can help organization block domain spoofing.
- We do have DMARC in place

No 7.
- people reuse password/ same password as work and personal accounts.
- hackers love password.
- 81% of successful cyberattacks are due to a compromised username or password.
- to 'increase trust and improve the user experiance' organizations can use tokens
and biometrics

No 8.
- becuase data varies, a one size fits all approach will incrase risk.
- some data will have too much protection and others will have too little.
- identify sensitive data
- discover the location and accessibility of these data
- classify data according to its value (public, internal, confidential, or
restricted use)
- Secure - emply security control and protection
- monitor the data.

No 9

- This is more for the management

- they say instead of search for a perfect candidate
- focus on five or six must have competencies for any given project and staff
accordingly.