At last week’s Gartner Security Summit in National Harbor, Maryland, Gartner analyst Neil MacDonald outlined 10 cybersecurity projects that could go a long way toward reducing enterprise security risk.

First, though, MacDonald listed 10 things enterprises should already be doing to “make sure you’ve got the basics right.” Those 10 basics are:

- Improve perimeter security, including URL filtering for internet access.
- Conduct basic security awareness training.
- Use backup and restore for ransomware protection.
- Use some form of SIEM/log monitoring solution (basic detection and response).
- Implement robust anti-spam technical controls.
- Implement a standardized server/cloud workload protection platform agent.
- Implement an IAM program with automated provisioning and deprovisioning.
- Remove administrative rights from Windows users where possible.
- Upgrade to the latest endpoint protection platform offering, with fileless malware detection, memory injection protection, machine learning, and other features.

MacDonald said his top security projects for CISOs to consider this year are aimed at high business impact and high risk reduction.