Back to News & Events

Making a Cybersecurity Plan | October Cybersecurity Awareness Month

It’s the last week of Cybersecurity month and we discussed a number of threats that you face online.  To finish out our month we wanted to leave you with an action plan. Here is your 5-step plan to keep yourself safe online!

  • Identify! We have discussed ways to identify attacks on your cyber information, but this step is all about identifying key players within your company. In this step, you should make a list of all equipment that should connect to your network. You also need to identify all the roles and responsibilities within your organization. This helps you track who has access to your sensitive data, why they have access to it, and most importantly how they access it. Taking a moment to reflect on this would help you quickly identify if someone had accessed information without proper authorization.
  • Protect! This is a very important step within your cybersecurity plan! In conjunction with identifying who has access to what information, you need to control who has access and can log on to your network. You should also control who uses company equipment and how it is used. It is vital that you use security software to help field attacks.  In addition to requiring strong passwords and MFA, encrypting your most sensitive data will add even more protection. Your protection must also include proactive steps such as expressing your formal policies and expectations regarding the access and use of information as well as frequent and thorough training for all staff members.
  • Detect! Even if you have done a great job planning and protecting your organization you must continue to be diligent. Monitor all devices on your network and watch for unauthorized access to information or connections. Be quick to investigate any suspicious activities!
  • Respond! The first step in your response will be to identify and contain the attack, followed up with reaching out to appropriate authorities as needed. You must have a plan for notifying after an attack. Not only do your employees need to know about the situation but if other stakeholders would be affected, they need t know as well. Part of your response plan should include making arrangements to keep your business and operations running. You should also take time to look at your current cybersecurity policy and ensure you update it with what you learned from this current situation.
  • Recover! Once the waves from the attack subside it’s time to recover. Take time to ensure that all repairs have been made and affected parts of your organization have been addressed. Be sure to keep your employees and stakeholders informed of your response and recovery efforts.

We hope you and your company are never subject to a cyberattack, but here at CNE, we are ready to be your strategic partners in protecting your sensitive information. Contact us today to get your FREE cybersecurity checklist and discuss how to keep your business safe online!


Powered by Lapero