{"id":18884,"date":"2018-11-13T17:00:10","date_gmt":"2018-11-13T17:00:10","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=86572"},"modified":"2018-11-13T17:00:10","modified_gmt":"2018-11-13T17:00:10","slug":"ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/","title":{"rendered":"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/wp-content\/themes\/cloudperspectives\/dist\/images\/MSFT_logo_rgb_C-Gray_1200_x_627.png\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>In my past life as CISO, I\u2019ve worked for small companies, state governments, and large enterprises, and one thing that has been true at all of them is that there is an infinite number of security initiatives in each organization you <strong><em>could<\/em><\/strong> implement, yet the resources to accomplish those tasks are finite. To be an effective CISO, I had to learn to appropriate the resources under my control toward the solutions that confront the greatest risk to the most valuable parts of the business. I also had to learn how to extend my own resource pool by persuading every individual at the company that they had a role to play in protecting the organization. In short, I learned to aggressively prioritize resources, quantify risk, and influence others.<\/p>\n<p>In this blog, I\u2019ll share the methods I\u2019ve used to prioritize where and how I spend my resources. There really are just four priorities to achieve the largest security improvements:<\/p>\n<ol>\n<li>Identify what is under your control.<\/li>\n<li>Formulate a security strategy.<\/li>\n<li>Implement good cybersecurity hygiene.<\/li>\n<li>Disrupt the cyber kill chain.<\/li>\n<\/ol>\n<h3>Identify the business you are charged with protecting<\/h3>\n<p>Before you can begin to allocate your resources, you first need to identify what is under your control. What are the capital and operating budgets available for security, and who are the people responsible for security? You may manage security professionals both inside and outside the company, and you need to know who they are and their strengths and weaknesses. When it comes time to assign people and budgets to your priorities, this knowledge will prove crucial.<\/p>\n<p>You must also know the business. Get clear about which products, services, and lines of business are the biggest drivers of the organization\u2019s success. Once you understand what drives the business and the resources you control, you will need to formulate a strategy.<\/p>\n<h3>Formulate a security strategy<\/h3>\n<p>Understanding the most critical business drivers will help you formulate a security strategy,\u00a0<a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/02\/07\/developing-an-effective-cyber-strategy\/\" rel=\"noopener\">which I\u2019ve written about in more detail<\/a>\u00a0in a previous post. When you have your security strategy, you\u2019re ready to establish a strong cybersecurity hygiene.<\/p>\n<h3>Implement good cybersecurity hygiene<\/h3>\n<p>One example of how I\u2019ve prioritized security initiatives as a CISO comes from my time at the State of Colorado. When I first stepped into the CISO role in Colorado state government, I needed to modernize their security approach and address vulnerabilities across the enterprise with a very limited budget. I wanted to show results quickly, so I chose to focus on the <a target=\"_blank\" href=\"http:\/\/www.govtech.com\/policy-management\/Colorado-Embraces-New-IT-Security-Philosophy.html\" rel=\"noopener\">small things that could be implemented<\/a> easily and would drive the greatest reduction in risk.<\/p>\n<p>This approach\u2014often referred to as cybersecurity hygiene\u2014concentrates on hardening systems by leveraging secure configurations, putting in place processes and tools to ensure data, devices, and the network are protected against vulnerabilities, and maintaining the patch levels of critical systems<\/p>\n<p>Before you move on to more complex initiatives, be sure you\u2019ve walked through each of the following steps:<\/p>\n<p><strong>Inventory your network:<\/strong> The first step is to identify every inch of your network, because you can\u2019t protect what you can\u2019t see. You must know what type of equipment is on your network and whether it is part of internal networks, hosted on the internet, or part of a cloud platform. Once you know what you have, you need to maintain a continuously updated inventory of the hardware and software that\u2019s authorized to be on your network.<\/p>\n<p><strong>Scan and patch:<\/strong> When you\u2019ve identified all the devices and applications on your network, you should scan them from a central point on a regular basis and patch and deactivate them\u2014remotely\u2014as necessary. For larger organizations, the scale of this operation is the challenge, especially with limited maintenance windows, a proliferation of web apps and devices, and architectural complexities. Flexible and scalable security scanning services are therefore becoming increasingly necessary.<\/p>\n<p><strong>Continuously look for vulnerabilities:<\/strong> The frequency and complexity of attacks continue to increase, so it is no longer an option to scan your network on a semi-regular basis. You should try to constantly monitor for threats, and quickly address them within your network.<\/p>\n<p>To help you with this process, you can read more details on <a target=\"_blank\" href=\"http:\/\/www.itsecurityguru.org\/2015\/02\/16\/what-is-good-cyber-hygiene-and-how-do-you-achieve-it\/\" rel=\"noopener\">cybersecurity hygiene<\/a><u>.<\/u> You should also leverage the cloud as it helps you to quickly modernize and sunset legacy and vulnerable systems, provides more automation, and allows you to inherit and extend your security team by gaining from the expertise of the cloud security provider.<\/p>\n<p>Once your systems are hardened and you have a process and tools to continuously monitor your network, you should next focus on interrupting the most common methods hackers use to enter your network, what we refer to as the cyber kill chain.<\/p>\n<h3>Understand and disrupt the cyber kill chain<\/h3>\n<p>The kill chain is a workflow that cybercriminals deploy to infiltrate a company. Attackers of all sizes have had great success with this approach, so it is worth understanding and then implementing solutions to circumvent it.<\/p>\n<p><strong>External recon:<\/strong> Most hackers begin their attack by gathering intelligence on your company. They collect data on employees, executives, technologies, and supply chain to increase the odds of a successful attack.<\/p>\n<p>Solution: Enable <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-mfa-howitworks\" rel=\"noopener\">Multi-Factor Authentication<\/a> to require that users sign in with two forms of verification, reducing the likelihood that they\u2019ll be compromised.<\/p>\n<p><strong>Compromised machine:<\/strong> At this stage, the attacker targets a carefully selected employee with a phishing campaign. This campaign is designed to trick the user into executing an attachment or visiting a site that will install a backdoor on the employee\u2019s computer, giving them the ability to control the computer.<\/p>\n<p>Solution: Implement <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/office365\/securitycompliance\/office-365-atp\" rel=\"noopener\">Office 365 Advanced Threat Protection<\/a> to protect against malicious files.<\/p>\n<p><strong>Internal recon<\/strong>: Once an attacker has compromised a machine, they\u2019ll begin to gather intelligence that is newly available, such as credentials stored locally on the machine. They\u2019ll also map internal networks and systems. This new information will allow them to plan their next move.<\/p>\n<p>Solution: Use <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/security\/threat-protection\/overview-of-threat-mitigations-in-windows-10\" rel=\"noopener\">Windows 10\u2019s security features<\/a> designed to both stop the initial infection and, if infected, prevent further lateral movement.<\/p>\n<p><strong>Domain dominance<\/strong>: The attacker will try to elevate their access within the network to gain access to a privileged account and your company data.<\/p>\n<p>Solution: Use <a target=\"_blank\" href=\"https:\/\/bridgepartnersconsulting-my.sharepoint.com\/personal\/lisa_wessling_bridgepartnersconsulting_com\/Documents\/M365-WritingSupport\/Microsoft%20Secure%20Team\/Microsoft%20Secure%20Blog%20Series\/Lessons%20from%20a%20CISO\/Microsoft%20Advanced%20Threat%20Analytics\" rel=\"noopener\">Microsoft Advanced Threat Analytics<\/a> to provide a robust set of capabilities to detect this stage of an attack.<\/p>\n<p><strong>Data consolidation and exfiltration:<\/strong> If an attacker gains access to your data, the final step would be to package it up and move it out of the organization without detection, in a process called \u201cdata consolidation and exfiltration.\u201d Paying close attention to the first phases of an attack will hopefully prevent an attacker from getting this far.<\/p>\n<h3>Focus on what matters most to the business<\/h3>\n<p>Even the largest enterprise is faced with tough choices when allocating security resources. If you are smart about how you appropriate them, you can make choices that have the greatest chance of protecting your organization. It starts with understanding your current state, both your resources and the most critical business drivers, formulating a solid strategy, implementing good cybersecurity maintenance, and finally, disrupting the cybersecurity kill chain.<\/p>\n<p>In the coming weeks, I will share lessons I\u2019ve learned to evaluate risks quantitatively. And following this, I will talk about how I\u2019ve learned to influence others to take their role in protecting the organization very seriously.<\/p>\n<p>To read more blogs from the series, visit the <a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?content-type=ciso-series\" rel=\"noopener\">CISO series<\/a> page.<\/p>\n<p>READ MORE <a href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/11\/13\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this blog, Jonathan Trull shares methods he uses to prioritize where and how he spends his resources to achieve the largest security improvements.<br \/>\nThe post CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements appeared first on Microsoft Secure. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":18885,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347],"class_list":["post-18884","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-13T17:00:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements\",\"datePublished\":\"2018-11-13T17:00:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/\"},\"wordCount\":1252,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/\",\"name\":\"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png\",\"datePublished\":\"2018-11-13T17:00:10+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png\",\"width\":1200,\"height\":627},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/","og_locale":"en_US","og_type":"article","og_title":"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-11-13T17:00:10+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements","datePublished":"2018-11-13T17:00:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/"},"wordCount":1252,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png","keywords":["Cybersecurity"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/","url":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/","name":"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png","datePublished":"2018-11-13T17:00:10+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements.png","width":1200,"height":627},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/ciso-series-lessons-learned-4-priorities-to-achieve-the-largest-security-improvements\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"CISO series: Lessons learned\u20144 priorities to achieve the largest security improvements"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/18884","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=18884"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/18884\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/18885"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=18884"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=18884"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=18884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}