Janelle Drolet is vice president of operations and sales for Towerwall, a cybersecurity consulting firm in Framingham.
Updated: September 30, 2024
Advice
8 Things I know about … Cybersecurity resilience
By Janelle Drolet
8) With a cyberattack or data breach, containment is all important, otherwise business continuity is not possible. Priority one is protecting your crown jewels: your critical data and assets. By identifying these upfront, organizations ensure the most valuable assets are safeguarded.
7) Everyone in your organization should be aware of the many cyber risks, what they are capable of, and how to prevent and block them. Having a resilient security plan well mapped out and tested is not a luxury; it’s a necessity to protect against sophisticated threats.
6) Train employees to recognize a phishing scam. Users are the weakest link, but also the first and last line of defense. Adopt a sense of urgency in preventing cyber incidents. Shorten the time it takes to identify the intrusion. The faster the security response, the sooner the recovery, with minimal loss to business and reputation.
5) Secure commitment from management, which should offer oversight on cybersecurity. Security is not just an IT issue but a collective responsibility of everyone.
4) Make sure the security strategy helps achieve business objectives. A strong alignment will avoid conflicts and help everyone understand the role cybersecurity plays in contributing to the company's mission, fostering a culture of accountability, awareness, and responsibility.
3) Integrate security priorities early in project discussions and avoid the afterthought approach to security. This should help with cooperation and collaboration. Having a plan that lays out cybersecurity policies and procedures can prevent vulnerabilities from being overlooked.
2) Be conditioned like an athlete for preparedness. Conduct regular reviews of defenses, regulations, and compliance requirements. This includes auditing and testing defenses, such as running phishing simulation exercises, scanning for endpoint vulnerabilities, and rehearsing procedures.
1) You can't always prevent cyber incidents, but you can be ready to respond and recover from them. Cybersecurity is an ongoing journey. It requires vigilance and practice, controls like password managers and multi-factor authentication, employee participation, and a commitment to a culture of security awareness.
WBJ Web Partners
Most Recent
Most Recent
0 Comments