Security Systems Strategy
Navigating the endless maze of next-gen blinky boxes, converged cloud consoles, and machine learning analysis engines is tough.
VDA Labs has been around the block a few times and we’ve had the chance to work on, with, and most importantly against many of the leading security systems over the years. We know what’s effective in protecting your organization and what will leave you scratching your head, digging through logs, trying to find how you were compromised in a huge haystack of useless data.
The team at VDA Labs has the experience to assess your current security posture and help you define a strategy that will direct spending where you most need it. We can also help with configuration strategy.
Interested in assistance building your defense?
If you are not investing in cybersecurity – you are putting your organization at risk. We engaged with VDA Labs, and they identified our vulnerabilities, and recommended the steps necessary to mitigate our risk.Tom Wiewiora
How does VDA work with clients to build a security strategy?
The first goal we have is to assess your current security posture. This can be done by active means, such as a penetration test, which is a great way to measure the base-line defensive position of your organization, or in a more general passive way through interviews and information gathering. We then use our decades of experience to make an assessment of your current posture to identify strengths and weaknesses.
Next we work to develop a prioritized road-map customized to your organization that will allow you to move the ball forward on security while gaining the most value for your investment. A critical component is impartiality – we don’t sell solutions for problems you may (or may not!) have, but provide unbiased advice.
What do we look for when assessing an organization and making recommendations?
Beyond our experience, there are a number of industry standards we can look to in order to evaluate the security posture of an organization. One of our favorites is the Center for Internet Security’s Top 20 Controls, the top five of which are listed below:
- Inventory of Authorized and Unauthorized Devices
- Inventory of Authorized and Unauthorized Software
- Secure Configurations for Hardware and Software
- Continuous Vulnerability Assessment and Remediation
- Controlled Use of Administrative Privileges