CompTIA’s Cybersecurity Advisory Council publishes “Are We Safe?” a guide to assessing cybersecurity risks, policies and practices for leaders at organizations large and small.
The Council is made up of business and technical experts whose mission is educating and enabling executives to collaborate and communicate in ways that increase vigilance and improve solutions. In this spirit, the group developed a set of questions that all business leaders should ask.
Here are three we consider most critical:
- “Do we keep a live inventory of assets?” “Maintaining—and continually updating—an accurate inventory of both physical and virtual assets, including all devices, licenses and policies is critical to help determine your cyberposture and vulnerabilities,” according to the guide. Key areas to review regularly include hardware and software, data and policies.
- “Are my employees properly educated about cybersecurity threats?” Don’t just supply staff with information. “It’s more important to show them why they need to understand the information and the ramifications for failing to act appropriately.” The guide advocates random testing as an effective training technique, as the practice leads to more cautious behavior.
- “If we were hit by a major attack, how confident are you that we could recover quickly?” The guide emphasizes that three plans should be in place before an incident occurs: incident response, disaster recovery and business continuity.
Contact us for help answering these important questions so that your business never suffers any significant downtime.