Posts by hamisec@infosec.exchange
 (DIR) Post #ARg6UWbeEw0JxfTfYO by hamisec@infosec.exchange
       2023-01-15T20:20:05Z
       
       0 likes, 0 repeats
       
       @seb how long have you been a one-person infosec team? Any hint that the org plans on increasing your team?
       
 (DIR) Post #ARgAdQ902DE8LIZhGC by hamisec@infosec.exchange
       2023-01-15T20:26:58Z
       
       0 likes, 0 repeats
       
       @seb to consider what to do next, we would need to know what you have already done. But if you haven't done these, consider one of: run a pen test. If you don't have pen test budget, do some basic scanning yourself or sign up for Shodan. Run a demo for your IT team to show them how easily putty.exe can be backdoored with malware. Create or approve a risk scoring system. Create a risk register with likelihood, impact, remediation plan, remediation owner, etc. Run a phishing campaign with Gophish and then an awareness roadshow, and then another phishing campaign to show the improvement. Take a look at the cyber defence matrix and use it to map out the gaps in your coverage.
       
 (DIR) Post #ARgLetCMb1OwEp3E80 by hamisec@infosec.exchange
       2023-01-15T23:10:01Z
       
       0 likes, 0 repeats
       
       @seb you know what you're doing then