Statements from the following verified business professionals were used to create this chart:
Title |
Company Size |
Industry |
Response |
|
IT Director |
Medium Enterprise |
Construction |
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Privileged Access Management (PAM)
|
|
Chief Information Security Officer |
Medium Enterprise |
Financial Services |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Following a security framework (such as CIS, NIST 800-171, or ISO 27001)
- Privileged Access Management (PAM)
- Data Loss Preventions (DLP)
- Data Classification
- Infrastructure log monitoring with Managed Detection and Response (MDR)
- Micro simulations to test efficacy of security controls
|
|
Network Administrator |
Medium Enterprise |
Professional Services |
- Privileged Access Management (PAM)
|
|
Chief Information Officer |
Educational Institution |
Educational Institution |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Privileged Access Management (PAM)
- Data Classification
|
|
IT Manager |
Large Enterprise |
Food |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Privileged Access Management (PAM)
- Data Loss Preventions (DLP)
- Infrastructure log monitoring with Managed Detection and Response (MDR)
|
|
Chief Information Officer |
Non-profit |
Non-profit |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Following a security framework (such as CIS, NIST 800-171, or ISO 27001)
- Infrastructure log monitoring with Managed Detection and Response (MDR)
|
|
IT Director |
Small Business |
Transportation Services |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Following a security framework (such as CIS, NIST 800-171, or ISO 27001)
- Infrastructure log monitoring with Managed Detection and Response (MDR)
|
|
IT Manager |
Medium Enterprise |
Financial Services |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Data Loss Preventions (DLP)
- Data Classification
|
|
President |
Medium Enterprise |
Chemicals |
- Annual security posture assessment and risk review
- Security Awareness Training
|
|
Chief Information Officer |
Medium Enterprise |
Agriculture |
- Annual security posture assessment and risk review
- Penetration testing (Internal, cloud, wireless, social engineering/phishing, physical)
- Security Awareness Training
- Data Loss Preventions (DLP)
- Data Classification
- Infrastructure log monitoring with Managed Detection and Response (MDR)
|