CYBERSECURITY PROCESS

4D-R2 Philosophy / R.2 REFORGE

D.1
Detect
Internal/External threats and vulnerabilities.
D.2
Defend
Organization’s personnel, information, intellectual property, and assets.
D.3
Disseminate
Detailed information of an incident to authorized personnel to obtain further instructions to potentially.
D.4
Destroy
Internal/External Threat(s).
R.1
Regroup
IT/Cyber personnel,
Management, C-Suite.
R.2
Reforge (you are here)
Organization’s policies, security training, and infrastructure.
01
Detect

Internal/External threats and vulnerabilities.

02
Defend

Organization’s personnel, information, intellectual property, and assets.

03
Disseminate

Detailed information of an incident to authorized personnel to obtain further instructions to potentially 

04
Destroy

Internal/External Threat(s).

05
Regroup

IT/Cyber personnel, Management, C-Suite.

06
Reforge

Organization’s policies, security training, and infrastructure.

Perform

After Action Review (AAR)
Purple/Blue/Red Team Discussions
Disaster Recovery Team
Leadership
Review/Edit Business Continuity Plans
Review/Edit Business Impact Analysis/Assessment
Review/Edit ALL Policies, Standard Operating Procedures
Review/Edit ALL training
Re-Assess all IT/Cyber/Physical security

Organization

Locations

Hot Site
HQ/Satellite Offices/ Branch locations
Homes (Telecommuter)

Servers

Physical
Cloud (AWS/IBM/AZURE)

Networks

Physical
Wireless
Remote Access Virtual Private Network (VPN)

IT/Cyber Controls

Firewalls / Access Control Lists (ACLs)
Remote Access Virtual Private Network (VPN)
Endpoint Protection (EP)
Email Antimalware
Intrusion Prevention (IPS)
Web Filtering
Asset Management
Network Access Control (NAC)
Mobile Device Management (MDM)
Identity and Access Management (IDAM)
Single-Sign-On (SSO)
Multi-Factor Authentication (MFA)
Privileged Access Management (PAM)
IDAM Governance
Endpoint Encryption (EE)
Database Audit Monitoring
Device Authentication
Web Application Firewall (WAF)
Database Encryption
Cloud Access Security Broker (CASB)
Application Segmentation
Public Key Infrastructure (PKI)
Key Management
Distributed Denial of Service (DDoS) Protection
Application Whitelisting
Go to next step - DETECT