TechSecOps: Revolutionizing your Technology Security Program

Learning how to hit the ground running with technology security operations using CORE.

Introduction

Cost-effective Operational Reliable Efficient CORE Technology Security involves only what is required to manage technology risks specific to each organization, no more and no less. By emphasizing CORE, declare the objectives and build to those objectives. Regarding security, CORE enables organizations to have 100% accurate asset inventories, proactively manage vulnerabilities, detect threats to each technology, respond to exploits (accidental or otherwise), and maintain business operations while recovery activities are underway. After implementing the CORE Technology Security Inventory, Remediation, Detection, and Decision, focus on Operations.

Summary

Technology Security Operations, or TechSecOps, is an approach focusing on building a CORE technology security program that emphasizes security operations first and deploying automation when and wherever possible to simplify security. Additionally, this level-setting program emphasizes doing the bare minimum to meet security objectives. CORE is not a compliance process; if built correctly, it will be compliant.

In this introduction video, I explain the fundamentals of building a TechSecOps program based on CORE and set the stage for future deep dives.