"MEASURE WHAT YOU TREASURE!"

Measuring RISK across the entire Target Surface and then Managing consistently!

NIST

(Cyber Security RISK Management Framework - Percentage of each USER and each DEVICE - Managing RISK Compliance Document)

• I - IDENTIFY

• P - PROTECT

• D - DETECT

• R - RESPOND

• R- REPAIR

Dashboards to take a Security Health Check/Pulse - Daily Intel Briefing for C-Level Leaders and Managers

Password Management - Measuring passwords that are weak, reused more than once, or are old

Firewalls - Logging and Reporting (i.e.- WatchGuard, SonicWall, Sophos, etc.)

VPN - Virtual Private Network - Rob Braxman/Network or Computer/

• Virtual Shield

• Webroot WiFi Security

DNS Watch - Firewall or 3rd Party

Anti-Virus - Webroot, Panda, Sophos, TotalAV, etc.

Phishing - Simulated Phishing email campaigns to measure the users' behavior and what they are clicking on (i.e.-software)

Dark Web Scan - Automated Tool (i.e.-LastPass, etc.)

Formal Cyber Security Education Plan - Newsletter, Phishing Campaigns, Policy Management, Security Training and Micro Security Training (i.e.-Remedial)

• Breach Secure Now

• KnowBe4

• 34 Resources for Employee Training

Infragard + Reporting from other Intel Sources - NJCCIC Weekly Bulletin

Cyber Security Insurance - Noone is 100% secure!

Get a Cyber Technology Coach On-Board (VCIO) - same purpose as a Life Coach, Business Coach, or Sports Coach!

What if you do nothing or you do the wrong thing?

"Better Done Than NONE!" DO NOT Let Failure To Implement (FTI) happen!

One Step At A TIME, Then MEASURE and Calculate the Cost!!

Rinse and Repeat!