Developing a practical and effective cyber security plan is vital to incorporating security into your organization’s risk management strategy. A common misconception is that a cyber security plan is lengthy and difficult to follow. However, that does not have to be the case. Below are COMPASS’ recommended 5 steps for your cyber security plan.
- Threat Identification and Analysis
Every organization has a unique set of threats based on their industry, size, types of devices they use, geographical location, political affiliation, etc. It’s important to understand these threats and how they relate to your organization. For example, a business that focuses on generating revenue through online sales would be affected more from a denial of service attack or other website-related threats than a company that only uses their site for distributing content. Performing a threat analysis will help your organization identify which threats pose the greatest risk so you may develop your security plan accordingly.
- Baseline Assessment
Before investing in new firewalls, antivirus software, laptops, etc. organizations must assess their weaknesses through a cyber security assessment. The assessment of your organization should provide insight into IT vulnerabilities, policies and procedure gaps, and employee training weaknesses. The assessment should also consider any compliance standards or regulations that your organization must meet such as PCI, NIST, HIPAA, FERPA, SEC, etc. It is important to undergo an assessment so that you are able to allocate and prioritize the proper resources to fill gaps as needed.
- Map Assessment Findings to Threats
Assessment reports can often be overwhelming for organizations. The findings reveal many vulnerabilities, both from a technical and non-technical perspective, and it can be difficult to put these into context for your organization. Using the threat analysis from step 1, the findings of the assessment can be prioritized. For example, if a high threat to your organization is a ransomware attack and your assessment shows that your employees are likely to click on phishing links, security training should be a top initiative going forward. This process enables you to develop a roadmap to address the assessment findings.
- Remediate High Priority Findings
Based on the prioritization in step 3, work to address the most critical vulnerabilities, then shift your focus to the high, medium, and low level vulnerabilities respectively. Many of the vulnerabilities identified from a technical perspective can often be addressed through software and/or firmware patch updates, which makes it easier to remediate a large portion of the findings.
- Plan for Routine Maintenance
Just like you should make routine doctor and dentist appointments, it’s important to schedule regular maintenance to assess and strengthen your organization’s security posture. New technical vulnerabilities are discovered each week, making it crucial that you stay up-to-date on the latest updates. Periodic employee training webinars and seminars can also help your team better identify and report security threats. Policies and procedures should be examined at least annually to identify necessary changes based on emerging technologies, new applications, process changes, etc. Routine maintenance will help your team proactively identify new threats and vulnerabilities before they give way to a data breach.
Follow these five steps and you’ll be on your way to a stronger security posture! To learn more about these 5 steps, download The CyberGuide podcast on iTunes and SoundCloud. If you’d like to discuss these steps further or have questions regarding your specific organization’s threats, please feel free to CONTACT US.