What is your top security priority this quarter?
Password management/Authentication: 13%
Endpoint management: 38%
Identity management: 30%
Internal threat detection: 11%
Firewalls: 3%
Data encryption: 2%
Other: 1%
722 PARTICIPANTS
Content you might like
Seeking input: Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models.
Scope includes:
Environment Setup: Cloud provisioning, configuration, testing.
Connectors/Parsers: Custom data source integration.
Content Development: Rules, use cases, threat feeds.
Performance Tuning: Query/index optimization.
Runbooks: Operational procedures.
Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation.
Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.
Do you have data that allows you to objectively measure your team’s effectiveness as well as any positive impacts? What data do you currently rely on?
What are you using to keep a list of all 3rd party data sub-processors for your company?
DataGrail-style tools: 21%
OneTrust-style GRC tools: 45%
Use of CASB-style products like Netskope: 39%
Use of NDR-type products like Cisco Umbrella: 32%
Manual audits: 29%
Communication between GRC, Legal and Eng. orgs: 10%
Excel/Google Sheets: 14%
Are you increasing how often you require board members to complete cybersecurity awareness training?
Yes: 32%
Yes, and also updating training content: 44%
No: 15%
No, but making changes to training content: 8%
Other/show results: 1%
Certification (ISO 27001 gap analysis) and attestation (SOC2 Type 1) of the program is the priority.