What are the possible/common attack vectors that you should double-check, the ones that give sleepless nights?

1) EMAILS!!! - All sorts can come in: viruses, malware, CnC.

Out of 10, how efficient is your email security solution?
Web edge. Just peep at your firewall: TONS of port scanning. These guys DO NOT SLEEP. Well, bots don't.

Are you also using a WAF?

How confident are you in your FW holding up?

How sure are you that your admins are not opening ports they shouldn't, even by error? #CyberSecurity
Additional Domain (DNS) security? For outgoing traffic? Checked that place?

URL filtering, backed by real time intelligence/feeds?

#cyber
Endpoint protection!!

Endpoints have some "EP NGFW" active & that can't be disabled?? Real time, file analysis, malware protection.

Does your EP protection have some sort of sandbox for files/patterns it's not sure of? Is it smart enough to protect you from polymorphic files?
Does your EP protection do retrospection for "good" files?

Are removable/pen drives allowed on your devices?

What other vector? The BYOD? Bring your own demons?

How comprehensive is your device posturing?
#CyberSecurity
How properly segmented is your network? If and when you get breached, is your network designed to be able to contain the breach? Do you run a flat /8, /16 network?

#redistribute static

I know reachability is supernice but

#CyberSecurity
Are you extending same capabilities to your cloud workloads?

Implementing RBAC and proper accounting?

Did someone scream MFA???

#CyberSecurity
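One way to check two of the questions above (ports opened by mistake, and flat /8 or /16 networks) against an exported inventory. This is an added example, not part of the original thread; the rule format, rule names, approved-port baseline and subnets are constructed sample data.

```python
import ipaddress

# Constructed sample data (assumptions, not from the thread): the approved
# internet-facing ports and a firewall rule export in a hypothetical dict format.
APPROVED_INBOUND = {443, 25}
RULES = [
    {"name": "web", "src": "0.0.0.0/0", "port": 443, "action": "allow"},
    {"name": "smtp-in", "src": "0.0.0.0/0", "port": 25, "action": "allow"},
    {"name": "tmp-rdp", "src": "0.0.0.0/0", "port": 3389, "action": "allow"},
    {"name": "mgmt-ssh", "src": "10.20.0.0/24", "port": 22, "action": "allow"},
    {"name": "old-telnet", "src": "0.0.0.0/0", "port": 23, "action": "deny"},
]
SUBNETS = ["10.0.0.0/8", "172.16.0.0/16", "192.168.10.0/24", "10.20.0.0/24"]


def unapproved_open_ports(rules, approved):
    """Return names of allow rules open to any source on a port outside the baseline."""
    findings = []
    for rule in rules:
        src = ipaddress.ip_network(rule["src"])
        # prefixlen 0 means 0.0.0.0/0 (or ::/0): reachable from anywhere.
        if rule["action"] == "allow" and src.prefixlen == 0 and rule["port"] not in approved:
            findings.append(rule["name"])
    return findings


def flat_subnets(subnets, max_prefix=16):
    """Return subnets with a prefix of /16 or shorter, i.e. one large trust zone."""
    return [s for s in subnets if ipaddress.ip_network(s).prefixlen <= max_prefix]


if __name__ == "__main__":
    for name in unapproved_open_ports(RULES, APPROVED_INBOUND):
        print(f"rule open to any source, port not in baseline: {name}")
    for net in flat_subnets(SUBNETS):
        print(f"flat network, nothing to contain a breach inside it: {net}")
```

Run it on a schedule against the live rule export so a port opened "just for testing" shows up as a diff from the baseline.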
You can follow @responficient11.