The time to start planning for a security threat isn’t during a virus outbreak or immediately after you discover funds transferred within your banking accounts. Decisions and judgments made during this time are typically driven by emotion and not by facts. The time to make those cyberthreat plans is now.
Things to consider when you’re planning:
• Physical access to your building(s)
• What to do with lost or stolen mobile devices
• PCI (payment card industry) compliance requirements
• Data-breach incident response
• Threat monitoring
Your IT department or provider is there to help you evaluate your “cybersecure” plan. And there are great resources available for businesses that just don’t know where to begin with cybersecurity. Take a look at fcc.gov/cyberplanner for a customizable guide to getting started with operational and organizational planning.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.