The time to start planning for a security threat isn’t during a virus outbreak or immediately after you discover funds transferred within your banking accounts. Decisions and judgments made during this time are typically driven by emotion and not facts. The time to make those cyberthreat plans is now.
Things to consider when you’re planning:
- Physical access to your building(s)
- What to do with lost or stolen mobile devices
- PCI (payment card industry) compliance requirements
- Data-breach incident response
- Threat monitoring
Here’s where your IT department or vendor comes in. Don’t wait to reach out for the expertise needed to develop and evaluate your “cybersecure” plan.
There are great resources out there for businesses that just don’t know where to begin with cybersecurity. At fcc.gov/cyberplanner, you’ll find a customizable guide to how to get started with operational and organizational planning.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.