How to conduct a cyber-resilience assessment


Periodic assessments of cybersecurity plans, policies and procedures ensure cybersecurity programs are fit for purpose and ready for use in the event of an attack.

These assessments gauge what is referred to as cyber resilience: an organization’s ability to recover and resume operations following a disruptive event. Modifying the assessment process to determine an organization’s resilience, however, goes beyond a simple “do we have it” or “don’t we have it” approach.

Read on to learn how to prepare and conduct a cyber-resilience assessment, and review activities that help improve an organization’s cybersecurity risk posture.

Questions to ask when conducting a cyber-resilience assessment

The following questions will help guide your cyber-resilience assessment:

  • How is systems, software and network cybersecurity managed? Many activities live under this heading, including the following:
    • patch management;
    • antivirus and other antimalware software updates;
    • strong password management;
    • strong access control;
    • ensuring data, databases and applications are regularly backed up;
    • limiting access to…
