Planning

The road towards a secure state begins in the planning stage, both for roadmaps, individual features or entire projects. Are we aware of which vulnerabilities, attack vectors, the amount of sensitive data or integrations we have which requires an extra layer of monitoring? Raising awareness in these areas is very important during the early stages of a project, and this is where a Security Champion can help!

Another important element is to define routines and responsibilities. Can the deliverable result in a change to existing routines, new components are to be used or other parts of the organization will be affected? If so, it is important to communicate this early to give the affected parties time to adapt.