In today’s world, it’s not “if” you get hacked but “when.” All businesses are at risk of falling victim to a cyber attack, no matter their size, type or industry. While a strong security strategy was enough in the past, it’s no longer sufficient: organizations also need a successful incident response plan to recover easily once they’ve been breached.
Let’s first determine your cyber score: take the quiz above, then book a discovery meeting with our technology consultant to discuss cybersecurity next steps…
Organizations with a reduced risk of a cyber attack follow security best practices and have:
☑️ Comprehensive cyber liability insurance in place with adequate coverage to protect the organization.
☑️ Ongoing technical business reviews with their IT provider focused on asset management and security risk management.
☑️ Implemented an “ongoing” security awareness training program that includes comprehensive training, phishing emails and testing.
☑️ Multi-factor authentication used for remote access to internal computers (remote desktop gateway or VPN).
☑️ Critical data identified and image-based backups that are restorable in the cloud.
☑️ Folder redirection or cloud solution with data backup for local desktops and remote users.
☑️ Local area network protected by a firewall that has comprehensive gateway security software enabled and DPI/SSL.
☑️ Password complexity policies implemented and manageable through Active Directory, with passwords changed every 90 days.
☑️ Evaluated and deployed all operating system and third-party application patches in a timely manner.
☑️ Taken corrective action if devices are found to be out of compliance or have errors.
☑️ Deployed next-gen behavior-based anti-virus software to all PCs.
☑️ Implemented and audited Office 365 security policies quarterly.
☑️ MFA enabled for all users.
☑️ Backed up Microsoft platform.
☑️ Comprehensive anti-spam protections in use on all email accounts.
☑️ Written IT policies that govern the use of computers, passwords, mobile devices, email, confidential data, social media, physical security, WiFi, etc.
☑️ A written incident response procedure & crisis management plan.
☑️ Endpoint device management security precautions in place for all devices holding business data, including BYOD devices.
☑️ Yearly backup and disaster testing done to verify disaster procedures and recovery of IT systems.