“When I visit a company for the first time I will ask a few key questions,” he told Computerworld Australia. “What I am really looking for is the operational security of an organisation as opposed to ‘Do you have a firewall? Do have antivirus?’ I ask how more about prepared they are for a cyber incident.
“I ask ‘What have you done in terms of planning? Do you have a plan? Have you tested the plan? Does it integrate with your business crisis management plan?’ Then I ask ‘How do you do security awareness training?’”
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedIn