How to convince your boss that cybersecurity includes Active Directory

2021-06-24 06:00

Because so many organizations rely on a hybrid cloud identity model that holds a central role for on-premises Active Directory, it's a natural conclusion to consider Active Directory be a part of cybersecurity plans.

How do you go about convincing your boss about the need to protect Active Directory in the same way you do other parts of the environment? For starters, don't start talking technical.

Assuming the boss you need to convince isn't a techie, you need to be talking their language-business.

Follow these three steps to begin a conversation that helps your boss understand the importance of AD to operations, its vulnerability as a core part of the business, and how it needs to be protected.

A proper cybersecurity stance needs to address prevention, detection, response, and remediation of much more severe attacks that can leave Active Directory and operations in shambles - something basic backups just can't do.

By talking about operations, and keeping the business running during an attack, you engage your boss's interest, while slowly pivoting the conversation into one that is laser-focused on needed security measures that reduce the threat surface within AD. The bad guys already know how essential your Active Directory is to them when it's unprotected.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/44oCcNHRCLA/

#activedirectory #cybersecurity