Take Action: Do an assessment of the data you create, collect, store, access, transmit and then classify all the data by level of sensitivity so you can take steps to protect it appropriately.
Take Action: Educate every employee on their responsibility for protecting sensitive information.
Take Action: Create and institute cybersecurity policies and procedures, restrict administrative and access privileges, enable multi-factor authentication and train employees to spot malicious emails.
Take Action: Put data sharing agreements in place with vendors and have a trusted lawyer review.
Take Action: Speak with your insurance representative to understand your coverage
and what type of policy would best fit your organization’s needs.
Take Action: Identify potential cybersecurity incidents that can come from within the
organization and develop strategies to minimize those threats.
Take Action: Before giving someone responsibility to manage your social media, website and network, etc., train them on your expectations of use and cybersecurity best practices.
Take Action: Use a robust framework, such as the NIST Cybersecurity Framework, to
manage cybersecurity risk.
Take Action: Develop strategies and policies to prevent unauthorized physical access to sensitive information and assets (e.g., control who can access certain areas of the office.)
Take Action: Ensure devices are operating with the most current software, change the manufacturer’s default password to a unique, secure passphrase and configure privacy settings prior to use.
Next Steps For You
Now that you’re more aware of common cybersecurity misconceptions, the next step is to sharpen your security skills, either for upskilling or with the idea of starting a new career. Babbage Simmel’s Comprehensive NIST Cybersecurity Framework (NCSF) Training & CompTIA CySA+ Cybersecurity Analyst Certification Cybersecurity training options will equip you with the skills needed to become an expert in the security field. You will learn comprehensive approaches to protecting your infrastructure, including securing data and information, running risk analysis and mitigation, architecting cloud-based security, achieving compliance and much much more.
Questions about Cybersecurity? Get in touch!