<<< October - December 2018 | January - March 2019 | April - June 2019 >>> | |
Q3 Goals
https://www.mediawiki.org/wiki/Wikimedia_Technology/Annual_Plans/FY2019/CDP1:_Privacy,_Security,_and_Data_Management/CDP_Budget_Segment_2/Goals
Outcome 1 / Output 1
Ensure the high-quality protection and security of our infrastructure and data. Review and update current security policies, standards and procedures
*Goal(s)*
- Review and mature our security policies and awareness functions:
- Create or update 3 security policies
- Provide Security Awareness training
- Perform Phishing campaign
- Security Code Review process improvements completed and published
- Update/Consolidate security documentation
Outcome 1 / Output 2
- Ensure the high-quality protection and security of our infrastructure and data. Reduce risk, improve application security practices, improve code quality, reduce vulnerabilities and attack surface and encourage a secure by design approach.
*Goal(s)*
- Expansion of CSP
- Security Release
- Analytics Risk Assessment and Threat Model
- Incorporation of Phan-taint-check into MW Core
- Evaluate dynamic scanners
- Routine penetration testing
Outcome 1 / Output 3
- Ensure the high-quality protection and security of our infrastructure and data.
- Increase maturity and capabilities in the event of a security incident.
*Goal(s)*
- Perform tooling and process retro
- Finalize and test our Incident Response documentation
- Create incident play by play dashboard
- Perform 1 large scale tabletop exercise