Resources For You

  1. 5 Essential Marketing Strategies for VoIP Businesses

    5 Essential Marketing Strategies for VoIP Businesses

  2. 5 FCC Regulatory Actions Against VoIP and Wholesale Carriers

    5 FCC Regulatory Actions Against VoIP and Wholesale Carriers

  3. 5 Technologies Set to Revolutionise Webphones

    5 Technologies Set to Revolutionise Webphones

  4. 5 Unique Types of VoIP Gateways Explained!

    5 Unique Types of VoIP Gateways Explained!

  5. 5 Ways a Cloud PBX System Benefits Remote Work

    5 Ways a Cloud PBX System Benefits Remote Work

  6. 5 Ways SBCs Facilitate Unified Communications as a Service

    5 Ways SBCs Facilitate Unified Communications as a Service

  7. 5 Ways to Optimise ASR To Grow Profitability

    5 Ways to Optimise ASR To Grow Profitability

  8. 7 Additional Important Components of a VoIP Carrier Network Explained

    7 Additional Important Components of a VoIP Carrier Network Explained

  9. 7 Important Factors to Consider When Implementing LCR

    7 Important Factors to Consider When Implementing LCR

  10. 7 New Capabilities an AI Calling System Offers

    7 New Capabilities an AI Calling System Offers

  11. 7 Ways to Optimize AHT

    7 Ways to Optimize AHT

  12. 9 Key Functions of an SBC Explained

    9 Key Functions of an SBC Explained

  13. 10 Benefits of an AI Calling System

    10 Benefits of an AI Calling System

  14. 10 Factors to Consider While Choosing a Webphone

    10 Factors to Consider While Choosing a Webphone

  15. 10 Important Components of a VoIP Carrier Network Explained

    10 Important Components of a VoIP Carrier Network Explained

  16. 10-Point Security Checklist for VoIP Carriers

    10-Point Security Checklist for VoIP Carriers

  17. 10 Tips For Effective Implementation of LCR

    10 Tips For Effective Implementation of LCR

  18. 10 Webphone Features that Benefit Your Business

    10 Webphone Features that Benefit Your Business

  19. AI Guardrails 101 - Introduction to AI Safety Nets

    AI Guardrails 101 - Introduction to AI Safety Nets

  20. AI Guardrails - Types and the Legal Risks They Mitigate

    AI Guardrails - Types and the Legal Risks They Mitigate

  21. An Out of the Box Telecoms Network

    An Out of the Box Telecoms Network

  22. Are Call Centers Still Relevant in 2023?

    Are Call Centers Still Relevant in 2023?

  23. Automated Dialler vs Manual Dialler - Knowing the 7 Key Differences

    Automated Dialler vs Manual Dialler - Knowing the 7 Key Differences

  24. Call Center vs Contact Center - Understanding the Differences

    Call Center vs Contact Center - Understanding the Differences

  25. Choosing SIP over TCP,TLS and UDP in 2022

    Choosing SIP over TCP,TLS and UDP in 2022

  26. Class 4 Softswitch vs Class 5 Softswitch - Understanding the Difference

    Class 4 Softswitch vs Class 5 Softswitch - Understanding the Difference

  27. Combatting Covid-19 with Carrier-Grade Communications Solutions to Help Users Work Remotely

    Combatting Covid-19 with Carrier-Grade Communications Solutions to Help Users Work Remotely

  28. Comprehensive Cloud Softswitch Documentation

    Comprehensive Cloud Softswitch Documentation

  29. ConnexCS expands AnyEdge SIP Load Balancer to India

    ConnexCS expands AnyEdge SIP Load Balancer to India

  30. ConnexCS for Africa

    ConnexCS for Africa

  31. ConnexCS WebPhone SDK Connector

    ConnexCS WebPhone SDK Connector

  32. Conquer Call Issues: A Beginner's Guide to Reading SIP Traces

    Conquer Call Issues: A Beginner's Guide to Reading SIP Traces

  33. Discover the Different Types of NAT: An Essential Guide for Network Administrators

    Discover the Different Types of NAT: An Essential Guide for Network Administrators

  34. Discussing the Future and Top 9 Benefits of WebRTC

    Discussing the Future and Top 9 Benefits of WebRTC

  35. DNO And DNC Lists - Everything Carriers Should Know

    DNO And DNC Lists - Everything Carriers Should Know

  36. Email and SMS Alerts

    Email and SMS Alerts

  37. Employers' Guide to Winning at Remote Work

    Employers' Guide to Winning at Remote Work

  38. Exploring the Top 10 Types of Web Phones in 2023!

    Exploring the Top 10 Types of Web Phones in 2023!

  39. False Answer Supervision Detection - The Ultimate Tool for Preventing VoIP Fraud

    False Answer Supervision Detection - The Ultimate Tool for Preventing VoIP Fraud

  40. Far-End NAT Traversal - An In-Depth Guide

    Far-End NAT Traversal - An In-Depth Guide

  41. Feature Releases for June 2024

    Feature Releases for June 2024

  42. Feature Releases for July 2024

    Feature Releases for July 2024

  43. From Cost Savings to Mobility - 15 Benefits of Web Phones for Businesses

    From Cost Savings to Mobility - 15 Benefits of Web Phones for Businesses

  44. Get Your FCC Registration Number in 5 Easy Steps!

    Get Your FCC Registration Number in 5 Easy Steps!

  45. How to Build Your API on ConnexCS

    How to Build Your API on ConnexCS

  46. How to Build Your Own Dialer (BYOD) – Part 1

    How to Build Your Own Dialer (BYOD) – Part 1

  47. How to Establish a VoIP Interconnect in 10 Easy Steps

    How to Establish a VoIP Interconnect in 10 Easy Steps

  48. How to Get Operating Company Number (OCN) in 4 Easy Steps

    How to Get Operating Company Number (OCN) in 4 Easy Steps

  49. How to Identify Robocall Scam Traffic - A Comprehensive Guide for Telecom and VoIP Operators

    How to Identify Robocall Scam Traffic - A Comprehensive Guide for Telecom and VoIP Operators

  50. How to Improve CX? Ensure your Call Center Agents are Happy!

    How to Improve CX? Ensure your Call Center Agents are Happy!

  51. How to Prepare for a VoIP Network Security Audit

    How to Prepare for a VoIP Network Security Audit

  52. How to Properly Prepare for Setting up a VoIP Interconnect

    How to Properly Prepare for Setting up a VoIP Interconnect

  53. How to Register for the Robocall Mitigation Database: A step-by-step guide!

    How to Register for the Robocall Mitigation Database: A step-by-step guide!

  54. How to Successfully Implement LCR is 5 Easy Steps

    How to Successfully Implement LCR is 5 Easy Steps

  55. How Using Web Phones Can Benefit These 10 Industries?

    How Using Web Phones Can Benefit These 10 Industries?

  56. How Will AI Voice Agents Impact the Call Center Industry?

    How Will AI Voice Agents Impact the Call Center Industry?

  57. Importance of Balancing Cost Minimization and Reliable Call Quality when implementing LCR

    Importance of Balancing Cost Minimization and Reliable Call Quality when implementing LCR

  58. Introducing ConnexCS WebPhone

    Introducing ConnexCS WebPhone

  59. Introducing ConneXML - The Best TwiML Alternative

    Introducing ConneXML - The Best TwiML Alternative

  60. Introducing Smart CLI Select - An Effective Way to Improve your ASR

    Introducing Smart CLI Select - An Effective Way to Improve your ASR

  61. Introduction to AI Voice Agent Guardrails - What They Are and Why Your Business Needs Them

    Introduction to AI Voice Agent Guardrails - What They Are and Why Your Business Needs Them

  62. LTE vs VoLTE: Diving Into The Differences

    LTE vs VoLTE: Diving Into The Differences

  63. Navigating Cold Calling - UK Compliance for Call Centers

    Navigating Cold Calling - UK Compliance for Call Centers

  64. Operating Company Numbers (OCN) - Understanding Function, Importance and Relevance

    Operating Company Numbers (OCN) - Understanding Function, Importance and Relevance

  65. Populating Our Support Area With Cloud Softswitch Video Guides

    Populating Our Support Area With Cloud Softswitch Video Guides

  66. Predictive Dialler vs Progressive Dialler - Understanding the Differences

    Predictive Dialler vs Progressive Dialler - Understanding the Differences

  67. Preview Dialler vs Power Dialler - Understanding Top 5 Differences

    Preview Dialler vs Power Dialler - Understanding Top 5 Differences

  68. Rate Card Profit Assurance

    Rate Card Profit Assurance

  69. Redundant Redundancies (Backups of backups)

    Redundant Redundancies (Backups of backups)

  70. Revolutionise Your Outbound Calls - 8 Types of VoIP Diallers Explained

    Revolutionise Your Outbound Calls - 8 Types of VoIP Diallers Explained

  71. The Complete Guide to Effective Root Cause Analysis

    The Complete Guide to Effective Root Cause Analysis

  72. Scalability – Grow at Speeds That Suit You

    Scalability – Grow at Speeds That Suit You

  73. ScriptForge – Javascript Routing

    ScriptForge – Javascript Routing

  74. Simplifiying our Softswitch Pricing

    Simplifiying our Softswitch Pricing

  75. SIP 101 - The Best Guide of 2022

    SIP 101 - The Best Guide of 2022

  76. The 3CX Supply Chain Attack - Understanding Everything That Happened

    The 3CX Supply Chain Attack - Understanding Everything That Happened

  77. The 5 Best Strategies for Mitigating Robocall Scams

    The 5 Best Strategies for Mitigating Robocall Scams

  78. The Anatomy of Robocall Scams

    The Anatomy of Robocall Scams

  79. The Art of Cost Optimization - Least Cost Routing and Its 7 Benefits

    The Art of Cost Optimization - Least Cost Routing and Its 7 Benefits

  80. The Best Multi-POP Cloudswitch

    The Best Multi-POP Cloudswitch

  81. The Essential Guide to Business Continuity Plans for VoIP Carriers

    The Essential Guide to Business Continuity Plans for VoIP Carriers

  82. The Essential Guide to Implementing STIR/SHAKEN

    The Essential Guide to Implementing STIR/SHAKEN

  83. The Ultimate Guide to STIR/SHAKEN

    The Ultimate Guide to STIR/SHAKEN

  84. Timeout Protections (SIP Ping, SST)

    Timeout Protections (SIP Ping, SST)

  85. TLS and 2FA Security on the ConnexCS Platform

    TLS and 2FA Security on the ConnexCS Platform

  86. Top 5 Alternative Marketing Strategies for VoIP Businesses

    Top 5 Alternative Marketing Strategies for VoIP Businesses

  87. Top 5 Call Center Challenges and How To Overcome Them

    Top 5 Call Center Challenges and How To Overcome Them

  88. Top 5 Important Types of VoIP Gateways Explained

    Top 5 Important Types of VoIP Gateways Explained

  89. Top 7 Strategies For Ensuring Call Quality While Minimizing Costs with LCR

    Top 7 Strategies For Ensuring Call Quality While Minimizing Costs with LCR

  90. Top 9 Indicators that Help You Identify a Bad Carrier

    Top 9 Indicators that Help You Identify a Bad Carrier

  91. Top 10 Points of Differences Between a Traditional and VoIP Carrier

    Top 10 Points of Differences Between a Traditional and VoIP Carrier

  92. Top 10 Types of Robocall Scams Explained!

    Top 10 Types of Robocall Scams Explained!

  93. Top 10 VoIP Vulnerabilities You Must Know About

    Top 10 VoIP Vulnerabilities You Must Know About

  94. Top Challenges for Carriers in Identifying and Curbing Illegal Robocall Traffic from Upstream Carriers

    Top Challenges for Carriers in Identifying and Curbing Illegal Robocall Traffic from Upstream Carriers

  95. Troubleshooting 4XX Series SIP Call Failures using SIP Traces

    Troubleshooting 4XX Series SIP Call Failures using SIP Traces

  96. Troubleshooting 5XX Series SIP Call Failures using SIP Traces

    Troubleshooting 5XX Series SIP Call Failures using SIP Traces

  97. Understanding Global RTP Servers (Lowest Latency Possible, High Availability)

    Understanding Global RTP Servers (Lowest Latency Possible, High Availability)

  98. Understanding Network Address Translation (NAT) - A Beginner's Guide

    Understanding Network Address Translation (NAT) - A Beginner's Guide

  99. Understanding the 9 Key Objectives of a VoIP Network Security Audit

    Understanding the 9 Key Objectives of a VoIP Network Security Audit

  100. Understanding the Complete Scope of a VoIP Network Security Audit

    Understanding the Complete Scope of a VoIP Network Security Audit

  101. Understanding the Crucial Role of Session Border Controllers in Carrier-Grade VoIP Networks

    Understanding the Crucial Role of Session Border Controllers in Carrier-Grade VoIP Networks

  102. Understanding VoIP Anycast Load Balancing

    Understanding VoIP Anycast Load Balancing

  103. Understanding What a PBX System is and How it Benefits Your Business

    Understanding What a PBX System is and How it Benefits Your Business

  104. Unlocking the Power of Voice - AI Voice Agent Explained

    Unlocking the Power of Voice - AI Voice Agent Explained

  105. VoIP Carrier Network Components - Understanding Session Border Controllers

    VoIP Carrier Network Components - Understanding Session Border Controllers

  106. VoIP Carrier Network Security - How to Conduct Security Audit?

    VoIP Carrier Network Security - How to Conduct Security Audit?

  107. VoIP Carrier's Ultimate Guide to Cleaning Up Their Traffic

    VoIP Carrier's Ultimate Guide to Cleaning Up Their Traffic

  108. VoIP Interconnects - Learning How VoIP Carrier Connect and Exchange Traffic

    VoIP Interconnects - Learning How VoIP Carrier Connect and Exchange Traffic

  109. VoLTE - An Evolution in Voice Communication

    VoLTE - An Evolution in Voice Communication

  110. WebPones Explained: Understanding Web-Based Telephonic Communication

    WebPones Explained: Understanding Web-Based Telephonic Communication

  111. WebRTC 101 - The Best Guide for Beginners

    WebRTC 101 - The Best Guide for Beginners

  112. What Are SIP Traces - A Beginners Guide

    What Are SIP Traces - A Beginners Guide

  113. What Are The Top 10 Essential Call Center KPIs?

    What Are The Top 10 Essential Call Center KPIs?

  114. What Are VoIP Gateways and How Do They Work? A Comprehensive Guide

    What Are VoIP Gateways and How Do They Work? A Comprehensive Guide

  115. What is a Contact Center and Why Does Your Business Need One?

    What is a Contact Center and Why Does Your Business Need One?

  116. What is an AI Calling System?

    What is an AI Calling System?

  117. What is Robocall Mitigation Database? A Guide for Carriers and VoIP Operators

    What is Robocall Mitigation Database? A Guide for Carriers and VoIP Operators

Understanding the 9 Key Objectives of a VoIP Network Security Audit

The line, “the devil is in the details” holds a lot of significance when it comes to the security of a VoIP network and its infrastructure. We already know the significance and importance of conducting a VoIP Network Security Audit.

Yes, it secures your network but how does it do so? What objectives should a good VoIP network security audit aim to accomplish? You see, without a detailed plan and brief, one will not achieve the desired results from a security audit.

Knowing the details of what each objective entails and how it is executed will help you secure your VoIP network properly.

We shall take a deep dive into all the important objectives of the audit. This will help you understand what needs to be achieved for each objective.

When executed properly, each accomplished objective will add tremendously to the improvement in the security for your VoIP network.

Let’s begin then, shall we?

1. Identify Vulnerabilities

Identify Vulnerabilities

A VoIP network security audit is essentially a comprehensive examination of the network's infrastructure and practices. The aim is to identify any weaknesses or potential points of exploitation.

This meticulous scrutiny serves as a crucial first step in ensuring the confidentiality, integrity, and availability of voice communications.

During the audit process, various techniques such as vulnerability scanning, penetration testing, and code review are employed to uncover vulnerabilities.

Once identified, these vulnerabilities can range from insecure configurations to software flaws or inadequate access controls. By identifying these vulnerabilities, organizations can then take targeted actions to address them.

This may involve implementing many actions. Some of which are robust encryption protocols to protect against eavesdropping, enhancing access controls to prevent unauthorized access, or fortifying network defenses against potential threats.

By shedding light on vulnerabilities, organizations gain insights into potential security threats. They can make informed decisions on allocating resources and prioritizing security measures.

This proactive approach helps safeguard sensitive data and maintain uninterrupted service availability. Compliance with industry regulations and standards, such as HIPAA or PCI DSS, where applicable, can also be ensured.

2. Threat Detection

Threat Detection

The core objective of threat detection is to establish a proactive defense mechanism against potential security risks and vulnerabilities within the VoIP infrastructure.

This strategic endeavor leverages a suite of techniques and sophisticated tools to continuously monitor and analyze the entire network. Through this ongoing surveillance, any suspicious activities and anomalies are promptly identified.

The audit achieves this by scrutinizing various aspects of the VoIP network. This includes call traffic patterns, user authentication logs, and system logs. It keeps a watchful eye for telltale signs of unauthorized access attempts, unusual traffic spikes, or payloads that could indicate malicious intent.

By swiftly detecting and responding to these emerging threats, organizations can effectively neutralize potential security breaches, data compromises, or service interruptions.

In essence, a VoIP network security audit serves as a vigilant guardian. It tirelessly scans the digital realm for signs of danger.

Its mission is to ensure the early detection and proactive response to any security vulnerabilities or threats. Thereby bolstering the overall security posture of the VoIP communication system, safeguarding its integrity, confidentiality, and service availability.

3. Data Protection

Data Protection

You’d be surprised to know the level and amount of sensitive information that changes hands over a voice call. No customer wants this information to leak and make its way into the hands of any bad actors.

So to safeguard the confidentiality, integrity, and availability of sensitive information transmitted over the network is an important objective of a VoIP Network Security Audit.

Such audits aim to fortify data protection by meticulously evaluating the VoIP infrastructure and associated practices. This involves assessing the encryption mechanisms, access controls, user authentication, and overall security of the network.

By doing so, a VoIP network security audit helps to ensure that sensitive voice data remains shielded from eavesdropping or interception.

Furthermore, the audit assists in the prevention of data tampering or unauthorized access. It accomplishes this by identifying vulnerabilities in the system.

Which, if exploited, could compromise data integrity or enable unauthorized parties to gain access to valuable voice communications. By detecting these weaknesses, the audit facilitates timely remediation.

Additionally, the audit ensures uninterrupted availability of voice data by identifying and addressing vulnerabilities that may lead to service disruptions or downtime.

4. Compliance Assurance

Compliance Assurance

Considering the important role communication plays in the functioning of our world, the regulators and lawmakers rightly want to keep everything in check. Their objective is simple, safe and accessible communication for all parties involved.

A VoIP network security audit thus, also ensures that the VoIP infrastructure adheres to industry-specific regulations and security standards.

It helps accomplish this by meticulously examining the network's configuration, policies, and practices in alignment with relevant compliance requirements.

These requirements could include industry-specific regulations like HIPAA (Health Insurance Portability and Accountability Act) for healthcare or PCI DSS (Payment Card Industry Data Security Standard) for payment processing.

During the audit, assessors evaluate whether the VoIP network complies with mandated security controls, data protection measures, and privacy standards. They also verify that appropriate documentation and records are in place to demonstrate compliance efforts.

By conducting this audit, organizations can ensure they meet legal obligations, protect sensitive data, and reduce the risk of regulatory fines or legal consequences associated with non-compliance.

5. Incident Response Readiness

Incident Response Readiness

Things go wrong at times and when they do it's quite unexpected and you’re caught unprepared. Therefore, it's always advisable to be prepared for any possible incidents.

An Incident response readiness seeks to ensure that an organization is well-prepared to detect, respond to, and recover from security incidents affecting its VoIP infrastructure.

This is achieved by evaluating the effectiveness of incident response plans, procedures, and resources in place. A VoIP network security audit helps accomplish this goal by rigorously examining the existing incident response framework.

Assessors assess the organization's ability to identify and mitigate security incidents promptly. They scrutinize the effectiveness of incident reporting and escalation processes. The coordination among various stakeholders involved in incident response is also put to the test.

Organizations can identify weaknesses or gaps in their incident response capabilities, enabling them to implement improvements proactively through this audit.

Furthermore, it also assesses the organization's capacity to recover from incidents swiftly and efficiently, minimizing potential disruptions to VoIP services.

6. Access Control Validation

Access Control Validation

Imagine what would happen if random people ended up with the keys to your house or the password to your bank account. Sounds terrifying, doesn't it? Something similar if not scarier can happen if bad actors gain access to your VoIP network.

The central objective of access control validation is to ensure that the appropriate safeguards are in place to control and manage user access to VoIP resources and sensitive communication data.

This is achieved by thoroughly assessing the effectiveness of access control mechanisms. It Includes thorough checks of authentication processes, authorization protocols, and user privilege management within the VoIP network.

A VoIP network security audit helps accomplish this goal by meticulously examining the configuration settings, user account management practices, and the enforcement of access controls.

During the audit, assessors scrutinize user authentication methods to verify that only authorized personnel can access the VoIP system. They evaluate role-based access controls to ensure that users have appropriate permissions for their responsibilities.

Additionally, assessors examine the enforcement of least privilege principles to restrict users' access to only the resources necessary for their tasks.

7. Vendor Risk Management

Vendor Risk Management

No business runs completely independently of other providers. Businesses use so many pieces of technology to provide their services. For instance, every VoIP carrier needs a call switching platform, a CRM, billing platform and other tools.

These tools can act as gateways and provide access to your VoIP networks if not secured properly.

Vendor risk management involves evaluating and mitigating the security risks associated with third-party vendors or service providers who have access to or influence over the organization's VoIP infrastructure.

A VoIP network security audit helps accomplish this goal by comprehensively assessing the security practices, policies, and controls of these vendors. This is done to ensure they align with the organization's security requirements and industry standards.

Assessors examine the contractual agreements and service-level agreements (SLAs) with vendors to identify security-related obligations and responsibilities.

They also scrutinize the vendor's security protocols, data handling practices, and their own vendor risk management procedures. Furthermore, the audit provides a mechanism for organizations to communicate their security expectations to vendors.

It allows organizations to make informed decisions about vendor selection, contract negotiations, and ongoing vendor relationships. This ultimately reduces the risk of security incidents and data breaches related to vendor interactions.

8. Security Awareness

Security Awareness

Humans are still the weakest link in the security of any tech based business. Over 90% of cyberattacks rely on social engineering to gain access to a business’s network.

When I read the stats, I felt the numbers were exaggerated, however, the numbers are backed up by research and proof.

The objective of creating security awareness is to educate and sensitize all stakeholders, including employees, contractors, and users, about the importance of security practices and protocols in safeguarding the VoIP infrastructure.

It aims to instill a culture of vigilance and responsibility, making everyone aware of potential threats and their role in preventing security breaches.

During the audit, assessors assess the level of awareness and adherence to security policies and procedures among personnel. They evaluate training programs and access control protocols, shedding light on areas that may require improvement.

By conducting this audit, organizations can identify gaps in security awareness and develop targeted training and awareness campaigns to address them.

Moreover, the audit serves as a wake-up call, making stakeholders acutely aware of the real-world threats that VoIP networks face.

9. Recommendations and Remediation

Recommendations and Remediation

The audit will reveal a lot of gaps and weaknesses in the security of the VoIP infrastructure. The next step would involve getting recommendations and action plans to mitigate the observed risks and secure the network further.

Recommendations and Remediation aims to guide organizations in fortifying their VoIP infrastructure and practices, ultimately enhancing the overall security posture.

A VoIP network security audit helps accomplish this goal by systematically analyzing the audit findings and categorizing identified issues by severity. This is followed up by proposing specific measures to mitigate or eliminate these risks.

During the audit process, assessors offer detailed recommendations for remediation. These recommendations encompass a wide range of actions, from technical adjustments to policies and procedures enhancements.

Organizations receive a roadmap for improving their security defenses. This includes measures such as patching software vulnerabilities, strengthening access controls, encrypting sensitive data, and enhancing user training and awareness.

Moreover, the audit assists in prioritizing remediation efforts based on the severity and potential impact of each vulnerability.

Conclusion

In conclusion, delving into the objectives of a VoIP network security audit has been a revealing journey. We've uncovered the multifaceted goals and shedded light on why it's crucial to conduct a network security audit.

From protecting sensitive conversations to thwarting unauthorized access and ensuring service availability, a VoIP network security audit serves as a vigilant guardian.

It navigates the intricate terrain of data protection, compliance assurance, and vendor risk management. Thus ensuring that no stone is left unturned when it comes to securing your VoIP Network.

  1. 1. Identify Vulnerabilities

  2. 2. Threat Detection

  3. 3. Data Protection

  4. 4. Compliance Assurance

  5. 5. Incident Response Readiness

  6. 6. Access Control Validation

  7. 7. Vendor Risk Management

  8. 8. Security Awareness

  9. 9. Recommendations and Remediation

  10. Conclusion