Focus on the Basics
I was meeting with a company the other day, and security was naturally brought up. In their opinion, they felt that they had a good handle on security and their overall network — they perform security awareness training, they have a SIEM solution, they have AD monitoring and firewall monitoring, and a plethora of other items that would keep their business safe. Digging in deeper I started asking about what types of incidents they got notified for, and how do they get notified? That was when I realized that they were trying to do everything correctly, but they didn’t actually have the manpower to do everything they wanted.