2021 Security Plan

Template
Template Walkthrough Guide
We built this template to empower you – the CIO /CISO/Director of Security, etc. – to effectively
communicate your 2021 security plans to management.

You have the security knowledge – the type of security events your organization encountered in the
recent year, as well as the global shifts in the threat landscape. You also understand the outputs of the
security products you have in place.

By using this template, you’ll be able to map this knowledge to cost and risk terms that your
management can easily consume and understand.

The flow of the template is simple – how many resources are we currently putting into cybersecurity,
what has proven itself, and what are the gaps that we need to address – based both on the security
incidents we have encountered, as well as on general attack trends.

This copy of the template comes with mock data - be sure to remove and replace it with data from
your own environment.
Feel free to modify and adjust the template based on your specific needs. There is no one-size-fits-all in
cybersecurity. The template is purpose-built to save you the time of setting up the infrastructure. The
internal design is all yours.

2021 Security Plan Template 2

How We Built This Template
This template is the outcome of numerous interactions with both security professionals
and management decision-makers across Cynet’s install-base.

What guided us through the process of building this template is to simplify, accelerate and
optimize the work of security decision makers by providing them with ready-to-use tool
that addresses all key reporting and planning aspects, enabling them to focus their efforts
on the actual reporting, rather than spend valuable time in setting up a reporting
infrastructure from scratch.

This is also the goal of the Cynet autonomous breach protection platform (
Learn more about Cynet here), which natively integrates monitoring & control, attack
prevention & detection and response orchestration, providing security teams all the tools
they need to confront and win against the cyber threat landscape in a single, integrated
solution.
 

2021 Security Plan Template 3

Template Walkthrough Guide
Slide 6
2020 Security Overview
Summary of all the security spend
of 2020, :
• planned (personnel, technology
and services)
• unplanned (security incidents
that entailed a clear monetary
impact)
Slide 7 Slide 8
2020 Security Performance 2020 Security Performance
Evaluation - Success Evaluation - Challenges
Summary of all events in which Summary of all attacks that caused
security investment have proven damage despite the security stack
effective in preventing or in place.
containing cyberattacks.
• Event
• Technologies - This part is
• Description
materially dependent on the
metadata your security • Point of failure
products provide you with. This
is important to make the case
of the actual value delivered by
the product.
• Services - quantize these by
both the volume of security
events that was fully or partially
handled by the service provider.
2021 Security Plan Template 4
Template Walkthrough Guide
Slide 9
2021 Security Plan –
Key Considerations
Summary of all improvement
factors:
• Internal security events your
organization has experienced
• Overall threat landscape that
applies to your organization in
respect to vertical, size, IT
infrastructure, etc.
Slide 10
2021 Security Plan –
Changes in Resource
Allocation
Required changes in security
products, services, personnel and
compliance initiatives
Slide 11
2021 Security Plan –
Overall
Summary of 2020-2021
differenced in security budget.
2021 Security Plan Template 5
2020 Security Overview
2020 SECURITY PLANNED SPEND 2020 SECURITY UNPLANNED SPEND
Group Detail Annual Cost Incident Detail Overall Cost
Security Team Ransomware attack

Compromised identity Direct damage

to O359 account
Security Products
IR provider fee

Security Services

Compliance Initiative

SECURITY SPEND SUMMARY

cost

Planned

Unplanned

Overall

2021 Security Plan Template 6

2020 Security Performance Evaluation - Successes
SECURITY PRODUCTS SECURITY PRODUCTS
Products Data Comments Products Data Comments
Firewall XXX blocked sessions … MSP … …

NGAV XXX blocked malware MDR XXX critical security events

attempts prioritized and reported
XXX blocked ransomware
… …
Email Protection XXX phishing emails
detected …
… … …

… …

… …

… …

… …

… …

… …

2021 Security Plan Template 7

2020 Security Performance Evaluation - Challenges
SECURITY PRODUCTS
Incident Description
Ransomware attack Initial infection followed by mass automated propagation
locked 67% of the company’s endpoints and servers
Theft of customer data Customers PII (names, phone numbers and email addresses)
was exfiltrated from company servers
Compromised identity to O359 account Attackers gained access to an employee O365 account and
forwarded his company emails to their premise during several
weeks
Points of Failure
AV failed to prevent the ransomware execution
• Post compromise activity is a blind spot for the security
products in place
• Firewall\AV failed to prevent the initial compromise
• The EDR alerts’ volume surpassed the capacity of the
security team. As a result, the relevant EDR alerts were not
addressed
There is no security products that monitors users email
behavior
2021 Security Plan Template 8
2021 Security Plan: Key Considerations
The plan for 2021 is meant to raise the cyber resilience level of the organization,
in light of prior security events as well as the overall threat landscape

Internal security incidents Security incident 1

Security incident 2

Updated threat landscape High profile attack 1

High profile attack 2

ATTACKS TRENDS

Description
1 …

2 …

2021 Security Plan Template 9

2021 Security Plan – Changes in Resource Allocation

2020 SECURITY PLANNED SPEND

Group Type Purpose Annual Cost
Security Team Add XXX manhours Ensure all critical alerts are handled $XXX

Security Products Add CASB solution Get visibility to malicious activity that $XXX
targets SaaS apps
Security Services Engage MDR to monitor EDR alerts Outsource repetitive alert monitoring and $XXX
prioritization and have the internal team
focused on the actual response
Compliance Engage external auditor for PCI –DSS $XXX
certification
2021 Security Plan – Overall
2020 SECURITY PLANNED SPEND
Group 2020 Annual Budget 2021 Change
Security Team $xxx $xxx

Security Products $xxx $xxx

Security Services $xxx $xxx

Compliance $xxx $xxx

THANK YOU!
www.cynet.com