Cyber Readiness Strategy
We are going to start off April with a Cyber Readiness Strategy campaign to help keep America’s Small Businesses secure during the crisis we are now facing (and others that will come in the future). Since many businesses are closed or are allowing employees to work from home there is no better time to keep the security of your employees and your data secure while online. Now is not the time to let your guard down. Criminals strike fast and furious during a crisis to strike fear and victimize every possible target they can. Don’t be one of the victims that helps their business thrive. Follow this 12 day plan and you can prevent your business and employees from being a newsworthy statistic – because believe me the news will not be good.
We will post 12 cyber awareness and readiness strategies that will help you sleep a little better knowing you have a solid strategy for cyber readiness. By the end of the 12 strategies you will have a roadmap that will securely carry your business into the future.
Strategy Day 1
Have a Cyber Readiness plan.
With headlines full of cyber-attacks and security breaches victims, it is time to take the risks seriously. The success and survival of your business will be determined by your ability to overcome security threats or breaches. You need a cyber readiness plan that includes elements of prevention, continuity and recovery strategies.
A solid plan will incorporate a 3 point defense system. Protection, Detection and Response. By determining what you want to protect and who you are protecting it from you will have laid the groundwork for a solid cyber Readiness Plan. Let me explain these 3 points for you.[inf_infusionsoft_locked optin_id=optin_5]
In order to be successful, your business security model needs to have 3 major points. Each may have many different branches or sections. Each part is dependent on the others and will fail to function properly without their counterparts. The 3 points I am talking about are protection, detection and response.
- As an example protection would be like a door with a lock. This does real good at preventing entry by the vast majority of the population. There are some though who would pick the lock or just break the door down. This is known as the point of failure. If that is all you have in place to secure your home and family then the system breaks down and everything is as extreme risk of harm or theft.
- When you add in detection it enhances your ability to protect what you treasure. In the case of our door it often times acts as a deterrent against break in with a sign posted to let would be criminals know there is another layer of protection and their risk is greater. If they do not heed the warnings and decide to break in anyway, they will be detected and an alarm will sound and the proper authorities will be notified. If you are home this alarm will give you time to respond with your choice of defenses. You can release the guard dog or respond with firepower. There will also likely be additional response from the police who will arrive in a given period of time with an aggressive show of force in an effort to thwart any criminals efforts.
- This leaves the response part. If you have guard dogs or a gun you are doing everything in your power to stop the criminal and protect your family. If you leave this part out then what good is detection or even protection. You may as well just leave the door wide open with a sign that welcomes criminals to take advantage of your lack of effort. The same goes for the detection part. without an alarm to let you know something is happening, any response will likely come too late. You won’t know someone broke in until the morning when you wake up and realize you have been a victim of a robbery or when the criminal wakes you up with a gun in your face. Too late.
The same goes for the protection element. If you do not install a door the break in alarm will be of no use as criminals are free to come and go as they please. And as in the last scenario, response will be ineffective as well.
As you can see all three elements are necessary and dependent on each of the others in order to build an effective security plan. So to get started with a cybersecurity plan you need to answer the following questions.
- What are you trying to protect? – the answer here is NOT your server or any technology you use in your daily business operations.
- What are the likely threats? – Insiders, Hackers, Ransomware
- What would be the likelihood of the threats happening? What is the ratio or percentage of it happening in the next week, month, quarter or year?
- What would the business impact be? How valuable is what you are trying to protect? Client information, business reputation, downtime, incident response, legal fees, fines, lawsuits…
[/inf_infusionsoft_locked]When you can answer those questions then answer the next.
- Without asking your IT department how confident are you that an attack would be detected and responded to in a timely manner to avoid a catastrophe?
Lets start a conversation to learn the truth about your current cybersecurity position. Click the button below to connect.
To start building your cyber readiness plan, contact us today.