Cybercriminals are very good at getting personal information from unsuspecting victims, and their methods are getting more sophisticated as technology evolves. Their tactics are becoming more complex every day, and it can be challenging for organizations to keep up. Not only does cybersecurity require advanced barriers and prevention solutions in place, your organizations’ policies and procedures must be impenetrable as well.
Double check that your organization is prepared to defend itself in this new age of crime with our Cybersecurity Checklist:
- We have established clear policies and procedures for employees to use our organization’s information technologies.
- Our defense strategy includes technical, organizational and operational controls.
- Controls are properly mapped to a well-known security framework.
- Our policies include requirements for employee passwords. This policy regulates the frequency of mandatory password updates as well as password strength and difficulty.
- Our cyber incident response planning is included in existing disaster recovery and business continuity plans across the organization.
- We have enabled multi-factor authentication (MFA) to further lock down applications and devices.
- We conduct regular IT reviews, audits and security tests to eliminate vulnerabilities.
- We regularly train employees on how to identify and interact with malicious emails, spam and phishing attempts.
- We implement technical defenses, such as firewalls, intrusion detection systems, and Internet content filtering.
- We monitor, log, and analyze attempted intrusions to our systems and networks.
- Mobile devices are registered and tracked from an MDM system implementation.
Content adapted from resources produced by the Department of Homeland Security.