If you are a business owner or organization manager, you are responsible for ensuring your continued operations. One very important factor is that your information technology (IT) continues to operate efficiently while protecting your customers, constituents, employees, etc.
The following are some questions you should ask yourself about your organization and then ensure you address the results via a good cyber security program.
- Has your organization experienced a data breach? How would a breach affect your operations? What would you do? Who would you call?
- What information is held within your network that is critical? That is, would be disastrous if stolen, made public, made unavailable to you, or changed in a way that you could no longer confirm its authenticity?
- On average, following a cyber attack, organizations are down for 14 days. If your organization could not access its network, could you continue to operate? Could you access your accounts, client/constituent information, do business, pay bills, pay employees, etc.?
- What kind of training do you provide your employees on cyber security? For example, how to detect phishing scams, protecting passwords, protocols for working remotely, etc.
- How often do you do backups and where are they maintained?
- Do you have a cyber incident response plan and, if so, when was the last time you practiced it?
- Does your organization have cyber insurance? If so, what are the requirements that you must meet (proactive security measures, response protocols, etc.) in order for a claim to be approved (paid)?