There are two sides to Common Sense Cybersecurity planning: PROTECTION and RESPONSE.
It’s no secret that organizations need to do all they can to protect themselves from attacks. In 2018, business leaders need to know their layers of protection. You don’t have to know the technical details, but leaving the entire understanding of your defenses to the IT department isn’t wise (not to mention that you sleep better when you know your strategy). As cybersecurity threats increase, the need for additional security layers becomes more pressing.
Some examples of protection include:
· Network firewall
· Anti-virus and anti-malware software
· Multi-factor authentication
· Security awareness training
· Internet traffic filtering
· Advanced monitoring
Protection is only half of Common Sense Security. The less prioritized but equally important side is how you will respond when something does happen. Many business owners will look at any breach as a failure of cybersecurity planning, but this perspective is naïve.
Recently, at the Continuum Navigate conference, I was fortunate to have a chance to connect with Ed Davis, former Boston Police Commissioner during the Boston Marathon bombing. I was surprised to learn that the Boston Police and FBI had detailed plans in place to both prevent and respond to a terrorist bombing at the event. The plan was good, and they practiced their plan in a detailed fashion. The attack was a tragedy and it’s easy to label the prevention plan as a failure considering the lives lost and damage done. However, in hearing from Mr. Davis, it’s very clear that no amount of planning can protect every person in every situation when someone intends to do harm. The response from law enforcement and first responders to the terrorist attack was incredible. The 150-hour resolution to a complex terror plot that prevented the second attack in Times Square can be credited to the plan they made and practiced for responding to an event in the case it did happen.
Strong parallels can be drawn to our cybersecurity defenses. If we look at the most disastrous large-scale breaches in history, every one of them involved massive oversights in the response process, ranging from complete ignorance to willful misconduct and neglect. Even small-scale breaches are made exponentially worse without an understanding of how to respond. Response plans don’t have to be complicated. Here are some of the key components of your response plan:
Data backup and continuity
Where is your data? How is it backed up? How quickly is that data usable if the primary systems are compromised or unavailable?
Security response team
Who is helping to create and execute technical action plans? Are they certified, capable, and on standby? How are they alerted and how quickly can they respond?
How are you protecting yourself from liability for incidents involving you and your partners?
If something happens, how are you communicating and to whom? Who is crafting the message and who is delivering the message?
The first step in Common Sense Security is dividing your plan into your Protection strategy and your Response strategy. Then we can move on to deciding what goes in each bucket.