The FOXMOLE methodology is built around fundamental pillars of security strategy such as “Protect”, “Detect” and “React”. Relative strengths and weaknesses in these areas are evaluated and measured following a series of interviews and observations with all key stakeholders.
One FOXMOLE observation is that, in an ideal world, the business importance of a service is evaluated by interviewing the business owner of the system or process. In reality, that necessary step is often skipped and the whole infrastructure is treated as equally important. Organisations then waste money by putting too much effort into protecting low-importance services while failing to protect high-importance assets with higher standards and processes, because all threats are treated as “normal”. This should be avoided.
These interviews are complemented by a series of technical validations; for example, are your servers and the corresponding layers (services, frameworks and applications) really patched according to the internal policies and best practices as claimed, or is only a small percentage of them? Disconnects between what is perceived to be taking place as part of the security process and the reality are identified and captured.
Identifying risk areas is only part of the story - focused actions must be taken as a result of the insights shared.
FOXMOLE makes recommendations as to where to focus effort for maximum impact and improved overall security, chiefly in:
In addition to the above, FOXMOLE provides guidance on how to remediate the root causes of these vulnerabilities to prevent them from recurring, increasing efficiency and therefore decreasing the cost of fixing them.
FOXMOLE also acts as a key CISO sparring partner, delivering valuable insights across a range of subjects that can be challenging for executives to keep track of. Regular review meetings with clients offer the chance to check progress against goals and to offer strategic advice and recommendations.