2022 Planning Tool for Enhanced Security Strategy
This planning deck by Rapid7 for 2022 aims to assist in refining cybersecurity postures and achieving security goals. It covers key aspects like program overview, assumptions, business context, and cybersecurity dynamics, providing valuable insights for effective planning.
Presentation Transcript
2022 Planning [Team name]
How to Use This Planning Tool
Welcome to the Rapid7 2022 Planning Tool. This deck is designed to help you think through your annual planning process so you can better achieve your security goals. We have included slides that ask questions about your current cybersecurity posture and what you want to achieve in 2022, as well as some informational slides that highlight important security and regulatory considerations that may impact your cybersecurity program in 2022 and beyond. Good luck!
Program Snapshot (Exec Summary)
Definition of program, including:
- Vision/goals
- Current status
- Areas of focus or opportunity
Key Assumptions
Outline the key assumptions driving your plan: market, customer, product, technology, etc.
Business Context
What is happening with the business/organization:
- Organization evolution over the last 12 months
- Market evolution over the last 12 months
- Technology landscape changes
- Drivers of needs
- Headwinds / tailwinds / key assumptions
- Supporting research or data (IDC, Gartner, etc.)
Citation or footnote example. These can be placed in the bottom left-hand corner of the slide.
Cybersecurity Dynamics - Q4 2021
- The threat landscape has changed dramatically, with increased velocity, volume, and impact of criminal, hacktivist, and opportunistic attacks.
- Ransomware defense and response has become the number one priority of most organizations.
- The pandemic continues to increase cloud adoption and erode network boundaries across all industries, creating additional complexities and potential avenues of exposure.
- CISOs and their stakeholders are looking for solutions, not more technology to manage, and want to know how to make the best use of existing investments.
- The Great Resignation has hit infosec and other key IT teams in organizations, placing an increased burden on solution providers to make their tools more effective and straightforward to use.
- Security vendors are introducing AI/ML components into their solutions to help reduce alert fatigue and better prioritize remediation activities.
- IoT/OT continues to find its way into organizations, which are looking to these technologies to augment capabilities, especially as a result of the global labor crunch.
Threat Landscape - Q4 2021
- Ransomware will continue to be a core business model for organized crime and opportunistic individual cybercriminals. The threat will likely accelerate as multiple states seek to reel in as much profit as possible before widespread international crackdowns.
- We will continue to see a pattern of critical vulnerabilities in commonly used software resulting in rapidly developed exploits, followed by widespread compromise. This will put significant pressure on operations and infosec teams to assess, test, and patch at an accelerated pace.
- Real-life supply chain pressures will continue to drive an uptick in BEC and other targeted campaigns as attackers take advantage of organizations' need to obtain critical components.
Regulatory Landscape Snapshot - Q4 2021
Biden Executive Order for supply chain security for federal contractors and agencies continues to be implemented.
- Requirements for security safeguards, SBOM, incident reporting
- Timeline: March and May 2022
Infrastructure legislation passed Senate, awaits House vote.
- Includes cybersecurity funding and requirements for state/local governments, energy, water, transportation.
- Timeline: Estimated Q4 2021 - Q1 2022.
Incident reporting legislation moving forward.
- Requires critical infrastructure to report cyber incidents, and all companies to report ransomware payments.
- Timeline: Estimated Q4 2021 - Q1 2022.
2021 Performance Review
High-level 2021 review:
- Team dynamics - employee churn, unfilled roles, overtime, training
- Exposure factors - identified and mitigated issues, pentest results
- Security culture - buy-in from leadership or other functions, user engagement, automated processes, adoption of policies
- Governance - policies developed, compliance updates, vendor management
- Security events - did you have incidents that caused disruption? How do you internalize lessons from security events?
- Progress - how are you measuring progress? What did you change or build on this year?
2021 Key Learnings
What worked? What didn't?
Ransomware Preparedness Evaluation
What is your level of ransomware preparedness?
- Do you have regular offline backups? Are your backups regularly tested/reviewed?
- How timely are your patches?
- What identity and access management controls are in place? Are they effective against ransomware attacks?
- Do you have a ransomware incident response plan? Is it available offline?
- Do you have cyber insurance? If so, what does it cover (ransom payment, recovery, etc.)?
Supply Chain Risk Preparedness Evaluation
What is your level of supply chain risk preparedness?
- How do you vet new vendors? Is this process followed throughout the organization? How do you verify that?
- How do you manage current vendors and partners? Are you aware of changes in their security posture?
- What third-party apps, systems, or individuals currently have access to your sensitive data?
- When you end a third-party relationship, what processes are in place to ensure the third party cannot access your systems or data?
2022 Key Initiatives Supporting the Business Plan
- Ongoing
- Proposed
Note where incremental investment is required.
2022 Roadmap
1a: What will we deliver in 2022 with known approved resources? (Baseline)
- Program roadmap (themes, capabilities)
- High-level timeline
- Dependencies
1b: Incremental high-ROI requests, and what will we deliver in 2022 with those resources?
- Program roadmap (themes, capabilities)
- High-level timeline
- Dependencies
Path to Maturity
If your organization does not have existing maturity measurement and progress plans, consider adopting (in whole or in part) elements from the Cybersecurity Capability Maturity Model (C2M2) and/or the NIST Cybersecurity Framework to provide a foundation and tools to help make and measure progress.
How Will We Measure Progress?
- For each project/initiative, ensure there are useful, defined metrics which can be tracked and reported.
- For vulnerability reporting, focus on internet-facing and internal components of critical business processes and aim to show improvements in time-to-patch/mitigate.
- For detection and response, work on capturing time-to-detect, time-to-contain, and how efficiently new detections are evaluated and applied to endpoints.
Investments
How are we going to invest in 2022?
- People
- Technology
- Programs
Key Partnerships
Are there internal or external groups that we will partner with to help us be effective? If you are not already a member of an ISAC, have that on your 2022 plan.
Key Enablers or Dependencies
Assumptions on dependencies from other teams (who and what).
Risks / Mitigation Plan
- Known risks based on the 2022 plan (include risk, business impact if realized, probability of risk)
- Plan to mitigate