5 Fundamental Steps for Cyber Security
Every business connected to a network is data rich target for cybercriminals. “Ransomware,” which was a term rarely unheard of until a few years ago, is now a daily threat. IoT hacking, DDoS attacks, and internal threats are all a reality today as well, making the job of IT security teams never complete. And as cyber threats and attack methods evolve, so must the way businesses think about IT security.
Michal Zanga, formerly of the Royal Bank of Scotland, stresses that having a cyber security policy document in place is the first step in protecting businesses data and other digital assets from malicious actors. “You have to start with a policy in place,” says Zanga, “and it has to be comprehensive across the organization.” But the policy is just that-a first step in a series of actions IT teams and businesses must commit to and stay on top of.
The whitepaper CISO Best Practices: The Starting Point for Cyber Security -- available to members of Consortium -- is based on the premise that, at some stage, all networks will face attacks that expose flaws in the system. On top of building a stakeholder approved policy document, the article covers four additional steps IT teams should take in order to be prepared for when the attack happens. These additional steps include:
- Assume you will be breached and develop a response plan
- Using external parties to test the system and obtain valuable, independent assessment data on how to strengthen current and future security posture.
- Addressing the internal and external channels, including those that may come from stakeholders and employees.
- Planning ahead and instituting a system for promptly addressing ongoing changes.
Join Consortium today to get access to the full article along with other information that will help keep your data, digital assets, and business brand secure.