Confidentiality - Integrity - Availability
作者:Konstantinos Argyropoulos
1. People
1.1. Authorization
1.2. Authentication
1.3. Cybersecurity Awareness Program (gamification)
1.4. Phishing Campaigns
2. Technology
2.1. Identity Management
2.2. Patch Management
2.3. Network Segmentation
2.4. Perimeter Security
2.5. Compliance
2.6. Denial of Service
2.7. Endpoint Security
2.8. Active Directory (DC, DHCP, DNS)
2.9. Network Access Control
2.10. Unified Platform monitoring(Endpoint Security, networking, Perimeter security)
2.11. Consolidation and Correlation of events (SIEM)
2.12. Penetration testing
2.13. Insider Risk Management
2.14. Data Loss Prevention
3. Policies & Procedures
3.1. Business email usage
3.2. Internet Usage
3.3. User and access management
3.4. Asset Management
3.5. Password Management
3.6. BYOD
3.7. Information Management (Data Loss Prevention, Information Rights Management)
3.8. Information Lifecycle Management (Retention Policies)
3.9. Owner and Custodian
3.10. Business Continuity
3.11. Disaster Recovery
3.12. Backup and Restore
3.13. Patch Management