October is Cybersecurity Awareness month. Hoping to fly below the radar of cybercriminals is not an effective cybersecurity defense strategy. All businesses need a set of tools they can use to defend against cyber threats -
a cybersecurity tool kit.
WHAT SHOULD BE IN YOUR COMPANY'S CYBERSECURITY TOOL KIT?
No. 2- Written Information Security Plan (WISP)
. Assign responsibility and access rights to the different types of data based on the level of sensitivity of the data in your company. Remember, cybersecurity is not just and IT issue.
No. 3 - Acceptable Use Policies (AUP).
Create short and succinct policies on technology usage in the workplace. This should include use of email, mobile devices, Web browsing, social media, remote access and more.
No. 4 - Physical Workplace Security Policy
. Ensure your physical workspace area is secured. Your company should also have a policy that establishes expectations about physical securing of technology equipment, document retention, trash removal and shredding, the need for security cameras, door locks and alarm systems.
No. 5 - Password Management.
Prioritize different levels of encryption and password security based on sensitivity of data.
No. 6 - Insurance
. No matter how robust your cybersecurity toolkit is, no company is immune to attack. Your company should understand whether and to what extent its insurance policies cover cyberattack incidents and damages caused.
No. 7 - Incident Response Plan
. If and when your company is the victim of an attack, your company should have a plan in place for how to respond.
No. 8 - Training
. Last and definitely not least - the best laid plans are worthless if employees are not trained to follow them. Every company should invest in annual cybersecurity training for its employees.
For more information about managing a Cybersecurity Toolkit, contact Mendoza Law, LLC at (651) 330-8062, or attend our next Cybersecurity Seminar hosted in conjunction with the Midway Chamber of Commerce on January 27, 2017.