• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

commonsent / April 7, 2022

Five Questions Leaders Should Ask About Cyber Security

An organization leader, county judge, mayor, or company president does not necessarily have to know everything about cyber security nor are they expected to unless you run a cyber security company. However, they should at least ensure their team can adequately answer some basic questions.

  1. What do we have, and what needs to be protected? You cannot protect what you don’t know you have. Therefore, the first step in implementing a cyber security solution is to determine what are your “crown jewels” – that is, what data and operations are most valuable to your organization’s survival. Additionally, managers should know the basic “W’s”.
    • Who holds and is responsible for the data and operations? Who has access to the data?
    • What sensitive information do we hold (e.g., PII and credit card information)?
    • Why do we retain this information? Is it necessary for our operations?
    • Where do we store data, and is it encrypted? Is it physically safe from natural disasters, etc.?
  2. What is our cyber risk, and what is our risk tolerance? This will help everyone on the team understand what you are willing to accept and what MUST be protected.
  3. Are we spending enough of our IT budget on security? While most organizations spend between 3% and 10% of their overall IT budget on security, managers should understand that there is an initial outlay to do assessments, implement technology and develop policies before the monthly fee, which will be less and cover continuing monitoring, scans, and training.
  4. What is our plan if something were to happen? Having a continuity of operations plan is critical to ensuring you can continue operating or return to operations quickly. It is better to know what you will do ahead of time rather than trying to figure it out during a crisis. Additionally, managers often will be responsible for answering questions of the media, regulators, law enforcement, etc.
  5. How can I help to create a culture of security in our organization? Relying solely on your IT or cyber security person or team to handle the security of your organization will end in failure if the leadership does not support and encourage the implementation of a cyber security solution throughout the organization. This includes everyone accepting the installed tools, following the procedures, and participating in security training.

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT