What can businesses do to improve their security posture?

What steps should businesses take to assess and improve their security posture? What tools would you recommend for this purpose?

55 Answers

author avatar
Top 10User

Awareness Awareness and Awareness, the Problem is the Head.

True story, issues take place on the senior lvl (Open USB Port, no Clean Desk Policy, etc.)

Afterwards "we" (the working lvl) can talk about trainings and SW/HW Solutions.

So first is that security means not only buying a SIEM or ISMS Monitrin, its a mindset.

Some sort of taking care for the company like taking care for your family :)

author avatar
Community Manager

@Norman Freitag great advice!

author avatar
Top 5Consultant

You must perform a vulnerability assessment on all your devices, for example with Tenable Vulnerability Management. Then you must remedy the critical and high vulnerabilities.

author avatar
Top 5LeaderboardReal User

Always evolving your technologies with security threats and trends is needed , similarly user awareness of security is a key . As an IT person with a limited budget of SMB organization they should opt for UTM (NGFW) , better endpoint with EDR,ATP and email security . An enterprise should be always ready for any targeted or rogue attacks hence a defence in layers is required , firewall, network layer ATP (sandboxing), Email with zero day attack intelligence, device controls, EDR and EPP , WAF for web servers and an honeypot to trap and known the threat vectors for their organization. 

author avatar
Top 5Real User

No matter what tool you used, we can't stop all the threats. 

We need 360 degree visibility and need to categorise the risk factor and work continuously to improvise on enhancing security posture. There are end number of tools available depending on the risk factor   

author avatar
Top 5Reseller

First of all, you need to know what you have inside your company, not only computers, but every device that is connected to the network, this will help you to identify where are the potential threats. There are products focused on making inventory of your network assets.

After that you can plan the best approach, based on your needs.

Surprisingly, the worst threats can come from places you don't even know they exist.

Find out what your peers are saying about Palo Alto Networks, RSA, FireEye and others in Advanced Threat Protection. Updated: March 2021.
474,595 professionals have used our research since 2012.