1

I was asked this question at an interview today and was unable to give a structured answer since there is so many things a head of security can do.

The additional info that I had were : - You can hire whoever you want - You can do whatever you want - You don't have an unlimited budget but you have enough for the most important things

Since I'm pretty unexperimented in all management and planning stuffs I was a little lost (I'm currently a SOC operator).

I'd say that you need a complete map of the network, list all assets with versions. A list of updates and patches to apply to to those assets to have the latest security updates. Same for the softwares. Organise a vulnerability assessment of the complete infrastructure.

You can also organize security awarness campain (lock screen when you leave your desk, phishing campain, presentation of basic security vulnerabilities and how to tackle them, ...)

I think that I missed some crucial parts in the answer but don't know what. Do you have additional informations ?

tomatediabolik
  • 11
  • 1
  • Review disaster recovery procedures. Assume first day the network is hit with malware/ransomware. What would happen? Power outages, data leakage, etc,. Public Relations/communications interactions. Maybe start with worse case scenarios? – HelpingHand Jan 13 '19 at 01:24
  • In short, get to know the situation. ... what computers, departents, cameras, whatever are there, what department handles which sort of important data (not just company secrets, also customer data, etc.etc.), when was the last time the employees had some security lesson and what was the content (if any), how / by who are software updates handled until now, do some areas have minimum requirements in law and are they met, and so on... – deviantfan Jan 13 '19 at 02:14
  • (and ofc the disaster procedures too, like mentioned in the comment above) – deviantfan Jan 13 '19 at 02:19
  • (And if you get thrown into the water from second one, this is a bit suboptimal (but not your fault). All employees need some time to get know a new company, and during this they don't have 100% output. If the whole company collapses because ransomware while you can't even find some toilet, it's their own fault for being unprepared). – deviantfan Jan 13 '19 at 02:24

0 Answers0