Small Business Cybersecurity Toolkit- Part 2 of 2

Your Sensitive Data

Every business has intellectual property that is the basis for which you have built a company. Ensuring that the data is protected is of the highest priority. They should be aware of where the data is stored and processed as well as any/all information that is transmitted. Managers should be an integral part of contingency plans involving data system recovery in the event of a system problem and confirming single and multiple backup locations.

  • Know what data resides on the network and where and maintain consistent inventories of all sensitive and/or critical information.
  • Create a standard procedure of regular automated backups and design key system redundancy.
  • Know the methods that protect the data including physical security, offline copies, and encryption.
  • Enhance the system with malware protection.
  • Maintain constant updates on all security software.
  • Monitor and manage the status of the network and any peripheral components including host and device, user activities, and data-at-rest and in-transit.

Response to Compromise

Have a response/recovery strategy in the case of a system attack and/or compromise. Fast and efficient response by all staff responsible will reduce risks.

  • Have a relationship with a professional cybersecurity company to assist in the development of risk analysis, response to an incident, and disaster recovery plan in place. The plan must outline all responsibilities, contact levels, and roles and be consistently tested.
  • Have an emergency contact list of all individuals and organizations to contact for help including vendors, outside partners, law enforcement, industry responders.
  • Identify which systems require priority recovery to assist in business impact.
  • Create an internal reporting structure for detecting, reporting, and communicating to reduce any attack crisis.
  • Have actions ready to put in place in-house to limit or contain any cyberattack impact.

The Order of Bringing System Back Online

There should be an organizational list of what to do in case of a system breach or cyberattack that may have affected your system or network. All staff members should be alerted as to who is responsible and the communication methods and check-off areas of each step.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sharon @ Da Vinci Cybersecurity

Sharon @ Da Vinci Cybersecurity

102 Followers

CEO of Da Vinci Forensics, a Cyber Security Company. #Cybercrime, #DigitalForensics #Marketing #Digital #Marketing #Risk #Management #Strategy #lifelessons #