When was the last time your organization did an assessment of its cybersecurity preparedness? October was designated as Cybersecurity Awareness Month. Even though October is coming to a close, it is important to continue your cybersecurity awareness efforts all year long. A good place to start is with an assessment of your organization’s cybersecurity preparedness.
A cybersecurity preparedness assessment should include consideration of the following questions:
- Have you adopted an organization-wide commitment to cybersecurity preparedness?
- Have you considered whether you have adequate cybersecurity insurance coverage?
- Have you conducted a risk assessment to identify what information assets you have, where those information assets are located, and the types of security threats that are posed to those assets?
- Have you drafted and implemented privacy and security policies and procedures?
- Are you keeping your systems and antivirus programs updated?
- Are you securing and tracking your mobile devices?
- Have you developed and implemented an Incident Response Team and Plan?
- Have you conducted employee training including, for example, training on password hygiene, encryption, mobile device security, and phishing emails?
- Have you considered whether you have an adequate back-up system in place?
If you answered "no" to any of these questions you may not be as prepared as you should be. While you may not be able to eliminate the possibility of a cybersecurity incident, preparedness is key in reducing the likelihood of such an incident and reducing the potential negative impacts of an incident.
We can help you assess your cybersecurity preparedness and put a plan in place to reduce your risk. Please contact the Steptoe & Johnson PLLC Cybersecurity Team.
Be cybersecurity aware all year long!