Cybersecurity New Year Resolutions
With the start of a new year and a new decade, now is the time to reflect on your company’s past and future cybersecurity challenges. A recent article by Forbes highlights some cybersecurity goals with a “proactive, risk-informed” perspective. There are many initiatives an organization should consider to prepare for future cybersecurity obstacles.
The best place to start would be hiring a Chief Information Security Officer (CISO) with a deep understanding of “security risk assessment methodologies.” This individual must be able to communicate with various stakeholders. Many companies may not have the budget to hire a CISO; however, there are opportunities to hire a virtual CISO. Whichever route you take, the CISO should be a “strong security leader with an executive presence who understands security risk while simultaneously promoting business objectives.” Cybersecurity must be led from the top down to emphasize the importance of this matter.
Proactive risk management measures can have a significant impact on an organization. Below are some action items that organizations can take to improve in 2020.
- Start 2020 with a message from the CEO about the importance of cybersecurity.
- Hire a security leader to implement a cybersecurity strategy.
- Continually assess your cybersecurity risk, including hardware, software and inventory.
- Implement a vendor-risk management program.
- Communication is critical. Every quarter, set expectations for executives and review goals and progress.
- Be prepared. Continue employee training and keep an incident response plan in place in case a breach occurs.
These action items are a great guideline and starting point for any organization to follow. Preventive measures are beneficial, but it is impossible to mitigate all risks completely. In addition to these steps, engaging a consultant who is well-versed in cyber liability coverage options can help you build customized protection for your organization. Speak to an advisor at RCM&D to determine which policy covers your organization and its risks.