A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to
improve the company’s security posture with regard to targeted attacks. Which of the following
should the CSO conduct FIRST?
A.
Survey threat feeds from analysts inside the same industry.
B.
Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic.
C.
Conduct an internal audit against industry best practices to perform a gap analysis.
D.
Deploy a UTM solution that receives frequent updates from a trusted industry vendor.