So, let's assume that you are in an international company and the first and only security person. What are your first steps and projects? It is like really vague, but I'd assume like a SIEM, inventory of the network and all devices, backup situation, maybe even honeypots?
What are your high-prio things that every company should have? Is there even a framework for it?
Feeling kinda lost and I hope you get some guidance in the right direction.