Ransomware and hacking is a major problem and effective cyber security is the only way to safeguard your operations and assets. The risk of not taking care of business is losing your business.
10 QUICK THOUGHTS TO PROTECT YOUR OPERATIONS:
External Penetration Testing – Find out who can access your systems and network from the outside.
Web Application Testing – Gain insight into whether your external facing applications are secure.
Patching – Get your systems updated and make sure they stay current.
Anti-Virus & Anti-Malware Solutions – Use a state-of-the-art solution and make sure they are configured correctly and fully updated.
Next Generation Firewalls – If your firewalls are older than 3 years, consider replacing them with next-gen technology that screens inbound traffic and updates in real-time.
Incident Response Plans (IRP) – If you suffer a cyber-attack, you will need IRP that works.
If you have a plan, makes sure it reflects your current infrastructure and operations, and test it before you need it to make sure it is effective.
If you don’t have an IRP, create one now.
Business Continuity Plan (BCP) – A BCP is another must-have. It should take you step-by-step through the process of restoring your systems and operations in the event of a cyber incident.
If you have a BCP, confirm that is current and test it to make sure it works. If you don’t have a BCP, don’t delay in creating one.
It is the difference between successfully restoring your operations or failing and possibly being crippled for an extended period of time.
Email Phishing Tests – Understand who in your organization knows what to open, and what not to open.
Security Awareness Training – This is a must for every employee in every organization.
It should mandatory for every employee at a minimum of every 90 days.
People forget and new attack vectors are being created daily.
Designate a Chief Information Security Officer (CISO) – The CISO oversees and is responsible for all data security operations and initiatives.
If you don’t already have a CISO, you need one, and if you can’t afford one, consider a Virtual CISO.
We areJANUS Associates, and our mission is dedicated to improving the information security of our clients, and society at large. In business since 1988, JANUS offers a full range of high-quality cyber security, privacy, and regulatory compliance services at affordable costs.