BUILD A CULTURE OF CYBER READINESS
Written by Banc of California
Cyberattacks are a growing risk that may affect your personal and business financial security.
Cybersecurity refers to the practice of protecting your systems, networks and programs from digital attacks that may result in financial loss. Implementing effective information protection and cybersecurity measures is crucial to ensure that scammers cannot access, change or destroy sensitive information.
Continue reading to find out:
- How to protect your business from cyberattacks
- What the best practices are to protect sensitive information
- How to create a culture of cyber readiness in your workplace
This cybersecurity training guide will help you create a culture of cyber readiness in your organization:
Business Leaders
- Invest in cybersecurity
- Review who is dependent on IT
- Build a network of trusted relationships with sector partners and government agencies for access to timely cyber threat information
- Acknowledge cybercrime as a business risk and be proactive
- Develop cybersecurity policies and procedures
Employees
- Leverage basic cybersecurity training to understand cybersecurity concepts and implement best practices
- Develop a culture of awareness to encourage employees to make good choices online
- Learn about risks such as phishing and business email compromise (BEC)
- Identify available training resources through professional associations, academic institutions, private sector and government sources
- Be aware of current events related to cybersecurity, using lessons learned and reported events to remain updated on the current threat environment
Systems
- Learn what’s on your network and maintain an inventory of hardware and software assets to know what is at risk from an attack
- Leverage automatic updates for all operating systems and third-party software
- Implement secure configurations for all hardware and software assets
- Remove unauthorized hardware and software from systems
- Leverage email and web browser security settings to protect against email spoofing and unsecured webpages
- Create application integrity and whitelisting policies so only approved software is allowed on your systems
Access
- Learn who is on your network and maintain inventories of network connections (user accounts, vendors, business partners, etc.)
- Implement multifactor authentication for all users
- Grant access and admin permissions on a need‑to‑know basis and according to the principle of least privilege
- Use unique passwords for all user accounts
- Develop IT policies and procedures addressing changes in user status (transfers, termination, etc.)
Data
- Know what information resides on your network and maintain inventories of critical or sensitive information
- Establish regular automated backups
- Install malware protection capabilities
- Manage network and perimeter components, host and device components, data at rest and in transit, and user behavior activities
Actions Under Stress
- Develop an incident response and disaster recovery plan that outlines roles and responsibilities, and test it often
- Create a business impact assessment to prioritize resources and identify which systems must be recovered first
- Create a call list of those to call for help (outside partners, vendors, government/industry responders, technical advisors and law enforcement)
- Develop an internal reporting structure to detect, communicate and contain attacks