The Security Leader’s Handbook
You’ve been told you’re the next director of security for your
organization. Your role is to start and scale security practices
at a high-growth company.
What happens next? Where do you get started?
Your company may have basic security practices in place,
such as scanning tools and annual penetration tests. But
what is the best foundation for security at scale? What steps
will build a strong security program that grows along with
Take our plan and use it to start making progress
from day one.
- Congratulations! You’ve been made the Director of Security (or similar) of your organization. Taking over such
a crucial role can be daunting, and there’s probably a lot swirling around your head—at the very least, new and
existing projects, upgrades, vulnerabilities, and developing a plan for the coming years
- At this point, you’ve met with several departments to understand the risks facing your organization. You’ve
created a picture of current risk management practices. This is important for a good foundation
- At this point, you’ve identified:
1. What projects are currently in progress.
2. Which new projects are needed to improve security.
3. Systemic and specific issues to be resolved (based on threat modeling results)
I will receive information, tips, and offers about Office and other HackerOne products
and services. Privacy
White Paper from