In today's connected world, everyone benefits from advanced cyber defense programs. A cybersecurity attack on an individual level can result in everything from identity fraud to extortion attempts and the loss ofessential information like family photos. Everybody relies on critical infrastructures such as power plants, hospitals, and financial services companies. Protecting these and other organizations is vital to the functioning of society.
The interconnected world we live in makes us highly vulnerable to cyber threats, including cyber warfare. These attacks not only harm companies or individuals but also cause severe damage at the state and international level since today everything is digitized, and technology is used in all social spheres.
Today, cybersecurity is one of the fundamental elements integrated into business models within companies, regardless of their size and sector.
A cybersecurity plan is a strategy that you will develop and implement in your company and as an individual to secure your information, control who, when, and how you access it and deal with any situation that may jeopardize your information's confidentiality, integrity, or availability; using a set of policies, guidelines, techniques, and technology aimed at safeguarding your technological systems that store said information.
Recommendations For Making A Cybersecurity Plan
1. Analyze your current situation
Understanding and identifying your position as a company in cybersecurity is the first step to start with the plan. An excellent practice is to carry out a risk analysis. In this way, you will be able to identify how vulnerable your company is and what risks you may face.
You can also request a report from your current provider that reveals what programs, URL traffic, content types, known and unknown threats, and potential concerns are currently traversing your network.
With the result of the risk analysis, you can focus your action plan, prioritizing the risks that you have identified with the highest probability of materializing and defining some activities to start working on.
Some questions that you should be clear about when carrying out your risk analysis are the following:
• What processes can be more critical, and what are your most valuable assets?
• In the event of an incident or attack, how many processes can you count on to continue working?
• What data does your company handle and what is in circulation?
• How is your data transmitted from source to end?
• Where is the data being stored?
• Where are the uncontrolled accesses to your network?
• How important is the data for the company or your customers?
• Who handles the company's most sensitive information?
For this phase, you can rely on internal or external auditors to help you identify any possible threat and establish an action plan.
2. Form a team of Detection and Response against cyber attacks
Evaluating the formation of an Incident Response Team - ERI, CSIRT, SOC, or MDR according to your needs, business strategy and budget will help you guarantee the detection and response of threats and the management of cybersecurity incidents in your cloud services, emails, endpoints, networks, servers, workstations, etc.
This is essential to have control of events and security alerts in your company and the certainty of having a team focused 24 hours a day on this issue. Having clear guidelines and guidelines to follow will allow you to be prepared and respond quickly, timely, and efficiently to an attack.
3. Implement cybersecurity policies and culture in the company
Typically, cybersecurity in companies is carried out by the IT areas, and, in the best of cases, there are already areas explicitly created to handle these issues. But a prevalent mistake is to think that cybersecurity is the sole responsibility of these areas.
Yes, protecting your company's information is the responsibility, especially of the stakeholders, but it is also the task of each collaborator.
You can create cybersecurity policies to reinforce the following areas:
• Use of solid passwords and renewal of the same periodically.
• Manage user privilege levels.
• Use of mobile devices.
• Safe surfing on the net.
• Correct data storage.
• Access control.
• OS updates and security patches.
• Use of email.
• Pentesting.
• Vulnerability Analysis.
• Cybersecurity training etc.
4. Implement an ISMS: Information Security Management System
The implementation of an ISMS is a strategic decision for your company. Information is a valuable asset on which the proper functioning of an organization depends, and maintaining its integrity, confidentiality, and availability is essential to achieving business objectives.
Some of the benefits of ISMS are the following:
Reduce threats to a level of risk acceptable to the organization. So if an incident occurs, the damage is minimized, and business continuity is ensured.
Cost savings eliminate unnecessary and inefficient investments such as those produced by underestimating or overestimating risks.
A security ceases to be a set of more or less organized activities and becomes a systematic and controlled life cycle in which the entire organization participates.
The company ensures compliance with the legal framework that protects the company from aspects not considered before.
The Information Security Management System accreditation helps firms compete more effectively by distinguishing them from the competition, making them more reliable, and raising their status.
ABOUT THE PRESS OFFICER
Ricoh Danielson is an Information Security and Digital Forensics professional with over 15 years of progressive experience managing Incident Response and Digital Forensic matters across a diverse group of domestic and international clients. Ricoh is experienced in cyber breaches cyber incidents and digital forensic handling for clients in the Healthcare, Financial and Retail space.Experienced in partnering directly with law firms, government agencies and private clients to provide digital forensic services for high profile and newsworthy cyber incidents.
Ricoh is a United States Army Combat Veteran and seasoned professional in the cybersecurity industry with hundreds of cases handled. Mr. Danielson has a proven ability to execute diverse, complex, and highly-sensitive situations in a timely and efficient manner while leading subordinate team members to do the same.
###