The company that I work for is a small business and we’re growing. I have been tasked with developing and implementing a cybersecurity policy for the company.
I am a long-time IT Guy, but have never really delved that deep into cybersecurity. After googling until my head hurt (literally), I have decided to come talk to the community.
Where do I start? Our company doesn’t want to PAY for an assessment, because we’d rather learn to do it ourselves so that we can offer it as a service to our customers.
Once I know what our vulnerabilities are, I can work to correct them. However, the part about determining what they are is my problem.
What resources do you recommend? Books? Videos? Online trainining?