Start by understanding what you MUST do to be compliant with your industry mandates (PCI, HIPAA, FedRAMP, FISMA, etc.).
Next, look at the things that SHOULD be done (Privacy, P&P, Pentest, Risk Assessment, Vulnerability Assessment, Compromise Assessment, 3rd Party Cloud Services reviews, etc.).
Evaluate your BUDGET as it relates to People, Process and Technology. Prioritize your scant resources.
Build a mid-term and long-term Cyber Security STRATEGY that includes Risk Tolerance, Growth, In-source / Outsource decisions and Budget projections as they relate to People, Process and Technology.
Reach us with questions: Peter@GaileySolutions.com 214-336-1286 http://www.gaileysolutions.com