6 Questions to Gauge Your Preparedness
Cybersecurity crime continues to make the news on a regular basis. Water supply and meat supply are just two of the major industries recently infiltrated and compromised. And there’s really no telling where clever hackers may turn next. If there was ever a time to ensure your company has an incident response plan and is prepared in the event of a security incident, the time is now. It is a must-have component of any solid business continuity plan. To see where you stand, start with these six basic questions:
- Does your organization fall under any federal, state or industry mandated security guidelines? Ex: HIPPAA, SEC, PCI
If the answer is yes, an incident response plan isn’t a nice-to-have. It’s an absolute must-have. Start researching the guidelines and requirements in place now, and seek out a cybersecurity partner if you need help navigating what’s needed (and best) for your organization.
- Does your organization have a formalized, written security policy? Are all employees trained on this security policy?
Having a policy is great, but training is just as critical. If you don’t have a policy, that’s something to take a look at right away and should include a plan for employee roll-out communications.
- Does your organization perform any periodic security reviews?
If you’re not regularly reviewing security, you’re putting yourself at risk. Technology evolves right alongside potential vulnerabilities. Being disciplined about the evaluation of your systems and protocols will keep you a step ahead and flag opportunities to improve before they become a problem.
- Does your organization perform periodic End-User Security Awareness Training?
Everyone gets comfortable, if not complacent, at some point. Especially when you’re busy building a business and going about your day-to-day. End User Security Awareness Training helps keep people on their toes and reinforces the need to be aware and stay vigilant so you don’t unwittingly invite someone in your digital front door.
- Does everyone in your group know what to do during a security incident?
Even if you have a security policy and employees are all trained, does everyone know what to do – and in what order – should an incident occur? If something happens, response speed is critical. This is why many company IT departments engage outside IT security organizations to coordinate simulations where they can drill to perfect their response in different situations.
- Has your organization ever had a breach or security incident?
If the answer to this one is yes, it’s time to bring in a partner to objectively look at your systems and provide expert guidance on how to recover and move forward.
Entec Systems prides itself on working with clients on issues just like this. It’s part of not just being a technology partner but a business partner who recognizes the need for strong IT infrastructure, as well as a solid incident response plan. Today’s global business environment demands nothing less.