Exercise: Evaluate security posture and recommend technical strategies to manage risk

This case study exercise is designed to provide experience performing some conceptual design tasks that relate to the subjects learned in this module.

Case study: evaluate security posture

Tailwind Traders is a modern commerce company. For more than 30 years, the company has been a popular retail destination. It has grown to more than 50 physical stores. Several years ago, its chief executive officer (CEO) anticipated changes in retail and bought a competing e-commerce start-up that was growing aggressively in niche markets. Today, the company is seen as an innovative leader with customer-focused local storefronts.

Requirements

The new Chief Information Officer (CIO) is concerned with the rise of high-profile companies being compromised and has asked the CSO to perform a risk assessment to identify the company's most valuable assets and ensure that they're secure. In addition, the CIO wants the CSO to track security posture enhancement over time and use cyber-threat intelligence to improve the company's defenses against threats. The CIO wants to have a monthly meeting to track this progress, and the CSO should present some kind of KPI to show how the company is progressing. This is the first transformation effort to start since the new CIO accepted the role. The CIO will closely monitor the project and will examine how IT operates in the cloud.

Design tasks

  • Evaluate security posture
    • In this scenario, should the company track progress using Azure Security Benchmark or Secure Score? Justify your answer.
    • What tool should the CISO adopt to track progress over time?
  • Threat intelligence
    • Which tool should be used to aggregate CTI feeds and present them in a meaningful dashboard?
    • Which tool provides a built-in threat intelligence report that can be used to improve the company's defenses?
  • Which security capability will enable Tailwind Traders to implement the CIO's vision of empowering the remote users while enforcing security and restrictions based on the user's geo-location?
  • Which cloud security capability should be used to enable the AI/Robotics Team to test their apps without disrupting the production environment?