As cyberattacks become both more prevalent and complex, it’s often no longer a matter of “if”, but “when” a breach will occur. However, organizations can take steps to reduce the risk of a breach and to mitigate the impact of a breach should one occur. We outline below five things businesses and business leaders should do to protect against, and prepare for, cyber breaches.
1. IMPLEMENT AN INFORMATION SECURITY PROGRAM
Investing in preparedness is worthwhile. Organizations should ensure they have a written information security program in place, developed by experienced information security professionals. Determining the organization’s information handling practices is essential to putting into place appropriate security measures. This should include a thorough risk assessment, business impact assessment and security audit.
Key stakeholders should be involved in both developing and implementing the program. Once implemented, don’t “set it and forget it” — check that it is properly operationalized and regularly reviewed in light of evolving information handling practices and information security threats.
2. VENDOR MANAGEMENT
Data processing activities are…
