Skip to content
info@johnstek.com Corporate HQ: Coral Gables, FL, USA +1.786.375.9020 Latin American HQ: Asuncion, Paraguay +595.213.277.395
Search:
Search
JohnsTek
Strategic Technology Engineering
JohnsTekJohnsTek
  • About
  • Products & Services
  • Cyber Risk
    • Managed Security Services Provider (MSSP)
    • Cyber Risk Management Solution
  • Markets
    • Commercial
    • Government
  • Resource Center
  • Contact
  • About
  • Products & Services
  • Cyber Risk
    • Managed Security Services Provider (MSSP)
    • Cyber Risk Management Solution
  • Markets
    • Commercial
    • Government
  • Resource Center
  • Contact

Five Things You Can Do Now To Implement Or Improve Cybersecurity

You are here:
  1. Home
  2. Blog
  3. Five Things You Can Do…
Jan82019
BlogCyberSecurityCyber_Pentagon_Transparent

Organizations of all sizes should understand by now that they face threats to their data, whether it is stored or accessed on a private network, internet cloud service, or mobile device.  Whether the organization is one person or one million people, we are all targets of malicious cyber activity.  Hopefully this list will challenge you to enquire, research and question your way through these steps.  There are five key things that you can do to begin or improve your Information Security Program:

 

FIRST, know your organization. Identify the organization systems, assets, data, and capabilities.  Document the the business function and resources that support those areas.  For each function list the policy and procedures; purpose or output; mechanisms, devices, and human resources; and the sources of information that support the business function. Identify and document threats that would adversely affect that function, such as inclement weather, employee accidents, cyber attacks, or system failures.  If you are depended on cloud services or third party vendors, know their security policies and procedures.

 

SECOND, implement protective measures for the organization.  Ensure that the organization has access controls to the network or critical systems.  Those controls could be simple password management systems, processes for gaining access accounts, or router settings that initiate safeguards, such as enforce MAC registry and password protection. Depending on the maturity level of the organization or complexity of the infrastructure, deeper measures could be taken to provide protection to the network and organization data, such as threat awareness campaigns, mandatory security training, advanced technology that implements hardware or software security controls.

 

THIRD, be aware of attacks to the organization. Even if the organization is one person with a laptop, anti-virus software or internal operating system firewalls should be implement to detect and notify you of a possible security issue.  The bigger or more complex the organization or business functions, the greater the need for comparable detection and alerting capabilities. All devices should have some form of continuous monitoring software.

 

FOURTH, be prepared to respond, not panic, at the first sign of trouble.  Have a plan to react. Appoint staff to be responsible for executing the response to detected attacks, or have a plan in place for third party vendors to provide professional services. The planned response must include the steps to mitigate and stop the attack, and a process to determine what was attacked, and what was the impact to the business function or critical system.

 

FIFTH, have a plan to recover. This entails thinking ahead to safe critical data, be prepared with alternative ways or systems for keeping the business function moving, and define which systems and data affected require the priority for recovery.  If you use cloud services or third party vendors, how do they recover data lost in an attack? What steps do you need to take to reconnect and begin the business functions again?

 

Get these steps documented in the most simple way possible, then begin to improve upon them with regularity. This will put you well on your way to developing a comprehensive Information Security Plan that is tailored for your organization!

 

 

Please contact us for more information!

Author:  Scott A. Johnston
Scott A. Johnston is the President and Founder of JohnsTek, Incorporated.
www.johnstek.com
@JOHNSTEK (Twitter)

 

Categories: Blog, CyberSecurityBy Scott JohnstonJanuary 8, 2019
Tags: Cyber Risk ManagementData RecoveryDetect AttackIdentify Cyber AttackIncident ResponseNetwork RecoveryProtect Data

Author: Scott Johnston

https://johnstek.com

Post navigation

PreviousPrevious post:JohnsTek Partners with IBM Security!NextNext post:Five Things Local Governments Can Do Now To Prepare For Disaster Response

Related posts

CyberShield
Stay Secure During the Holiday Season!
December 13, 2020
Cafe Photo
Data Protection In Cafes And Restaurants
February 10, 2019
JohnsTek Capability Statement 2019
February 9, 2019
EOC_ops
Five Things Local Governments Can Do Now To Prepare For Disaster Response
January 11, 2019
IBM_JohnsTek
JohnsTek Partners with IBM Security!
November 19, 2018
BlackTDS Malvertisements On The Rise
March 26, 2018
Shortcuts
  • About Us
  • Offerings
  • Products & Services
  • Commercial
  • Government
  • Privacy
  • Terms
JohnsTek News
  • CyberShield
    Stay Secure During the Holiday Season!
    December 13, 2020
  • Cafe Photo
    Data Protection In Cafes And Restaurants
    February 10, 2019
  • JohnsTek Capability Statement 2019
    February 9, 2019
Security Alerts
  • Alert Dispatch 23JUN17 ~ By JohnsTek
    June 23, 2017
  • Alert Dispatch 5JUN17 ~ By JohnsTek
    June 5, 2017
  • Alert Dispatch 18MAY17 ~ By JohnsTek
    May 18, 2017
Intel Brief
  • The Intel Brief 02OCT17 ~ By JohnsTek
    September 28, 2017
  • The Intel Brief 16AUG17 ~ By JohnsTek
    August 16, 2017
  • The Intel Brief 16JUN17 ~ By JohnsTek
    June 16, 2017
Press Releases
  • JohnsTek Capability Statement 2019
    February 9, 2019
  • IBM_JohnsTek
    JohnsTek Partners with IBM Security!
    November 19, 2018
  • Veterans Day
    JOHNSTEK WISHES YOU A HAPPY VETERAN’S DAY!
    November 10, 2017
Copyright © 2022 JohnsTek | All Rights Reserved.
  • About Us
  • Offerings
  • Products & Services
  • Commercial
  • Government
  • Privacy
  • Terms
Footer