Cybersecurity Policy

cybersecurity

Image: FreeDigitalPhotos.net

cyber threat is one of the most serious economic and national security challenges we face as a nation” and that “America’s economic prosperity in the 21st century will depend on cybersecurity  — Barack Obama, President of the United States

Ever since the first 2 computers communicated, there’s been a security threat.  But, today, cybersecurity is a major concern for all businesses.  Hackers are more sophisticated, social media creates holes into your proprietary data, and spiderwebs of connections create security nightmares.  Add to this sloppy security practices, such as using the same passwords across websites, not protecting passwords, and not changing passwords after employees leave a firm and you get a taste for why cybersecurity is such a hot topic now

 


And a strong cybersecurity policy is one of the most important steps in ensuring digital security, according to Barack Obama.  That’s why we’ve teamed up with cybersecurity experts who’ll share their expertise and advice to help you protect your valuable digital assets.  We’re creating policies and training to ensure employees, vendors, and others with access to your digital information know their responsibilities in protecting your digital assets.

Cybersecurity and Sound Business Practice

Not only is cybersecurity a good idea, but emerging ISO 27001 standards require a cogent policy for handling threats to the security of digital assets.  Plus, insurance companies require a cybersecurity policy and signed agreements from employees and others with access to digital information to adhere to the policy before they’ll provide insurance that indemnifies companies against loss from cyber attacks.

3 Aspects of Cybersecurity

After and extensive review of existing practices with an eye toward uncovering vulnerabilities, the federal government identified 3 aspects critical for ensuring cybersecurity:

  • Trusted Internet Connections (TIC)- Consolidate external telecommunication connections and ensure a set of baseline security capabilities for situational awareness and enhanced monitoring.
  • Continuous Monitoring of Federal Information Systems -Transforms the otherwise static security control assessment and authorization process into a dynamic risk mitigation program that provides essential, near real-time security status and remediation, increasing visibility into system operations and helping security personnel make risk-management decisions based on increased situational awareness.
  • Strong Authentication– Passwords alone provide little security. Federal smartcard credentials such as PIV (Personnel Identity Verification) and CAC (Common Access Cards) cards provide multi-factor authentication and digital signature and encryption capabilities, authorizing users to access Federal information systems with a higher level of assurance.

What can YOU do to protect your digital assets?

  1. Sign up for our newsletter so you stay abreast of issues affecting your cybersecurity.
  2. Begin a security audit — if you don’t know how to do one, stay tuned and we’ll show you how.
  3. Strengthen passwords and require passwords to be changed periodically