Janelle Drolet, vice president of operations and sales for Framingham-based cybersecurity consulting firm Towerwall, offers some advice on cybersecurity resilience.
Get Instant Access to This Article
Subscribe to Worcester Business Journal and get immediate access to all of our subscriber-only content and much more.
- Critical Central Massachusetts business news updated daily.
- Immediate access to all subscriber-only content on our website.
- Bi-weekly print or digital editions of our award-winning publication.
- Special bonus issues like the WBJ Book of Lists.
- Exclusive ticket prize draws for our in-person events.
Click here to purchase a paywall bypass link for this article.
8) With a cyberattack or data breach, containment is all important, otherwise business continuity is not possible. Priority one is protecting your crown jewels: your critical data and assets. By identifying these upfront, organizations ensure the most valuable assets are safeguarded.
7) Everyone in your organization should be aware of the many cyber risks, what they are capable of, and how to prevent and block them. Having a resilient security plan well mapped out and tested is not a luxury; it’s a necessity to protect against sophisticated threats.
6) Train employees to recognize a phishing scam. Users are the weakest link, but also the first and last line of defense. Adopt a sense of urgency in preventing cyber incidents. Shorten the time it takes to identify the intrusion. The faster the security response, the sooner the recovery, with minimal loss to business and reputation.
5) Secure commitment from management, which should offer oversight on cybersecurity. Security is not just an IT issue but a collective responsibility of everyone.
4) Make sure the security strategy helps achieve business objectives. A strong alignment will avoid conflicts and help everyone understand the role cybersecurity plays in contributing to the company's mission, fostering a culture of accountability, awareness, and responsibility.
3) Integrate security priorities early in project discussions and avoid the afterthought approach to security. This should help with cooperation and collaboration. Having a plan that lays out cybersecurity policies and procedures can prevent vulnerabilities from being overlooked.
2) Be conditioned like an athlete for preparedness. Conduct regular reviews of defenses, regulations, and compliance requirements. This includes auditing and testing defenses, such as running phishing simulation exercises, scanning for endpoint vulnerabilities, and rehearsing procedures.
1) You can't always prevent cyber incidents, but you can be ready to respond and recover from them. Cybersecurity is an ongoing journey. It requires vigilance and practice, controls like password managers and multi-factor authentication, employee participation, and a commitment to a culture of security awareness.
