Protect
We learned a lot about the Identify function in Chapter 4. By knowing what is and is not connected to your network, the hardware, software, known devices, and unknown devices, you can build your own database of information. This database, known as a configuration management database (CMDB), can be paired with other services within your cybersecurity portfolio. This includes enriching information with your vulnerability management system or using it in conjunction with your disaster recovery and incident response plans. Metrics on the number of vulnerabilities, the timeframe from when they were discovered to their remediation, and their risk to the organization are crucial. This collaborative approach enhances your response to an incident. In this chapter, we will cover the Protect function. We will take a look at several different controls, such as how you perform security awareness training, how you protect sensitive information, and how resilient you can make your IT resources...
