Or what I like to call Situational Awareness (SA) for the enterprise. Understanding and ultimately controlling your attack surface—the sum of all attack vectors against your organization—is a fundamental security goal. After all how can you protect what you can’t properly identify. Situational Awareness is mandatory on any battlefield.
Cyberspace is the new battlefield – Brad Smith, President Microsoft (RSA 2017)
In order to take corrective action; first you need to understand your vulnerabilities and the risks associated with them. The best way to do so is to develop a threat and vulnerability management (TVM) program or if your organization already has one established then understanding your TVM maturity level is the next step (see image below).
The goal is to hit level 5, so if you’d like to hear more feel free to reach out. Or if you liked this post then please share and like it – Thanks!