Wednesday, October 25, 2017

Business Continuity Planning

October 25, 2017 - By now, you no doubt have a business continuity plan. When, however, did you last review it? Update it? We have to remember that a BCP is not a static thing; it is a dynamic plan that has to change with changes in the organization. If you haven’t reviewed your plan lately, this week’s articles can help you incorporate newer threats into your old plan.

Here's how to create a business continuity plan that gives your business the best chance of surviving a disaster. (Item #1)   Change management is an important piece of business interruption prevention and helps ensure security risk does not drift up during projects and day-to-day activities. (Item #2)   With the dynamic nature of BC in mind, how often should your organization review its business continuity plan? (Item #3)

Poor planning is definitely a big part of why organizations fail at business continuity, but the easy answer is that they’re simply overwhelmed by the challenges. (Item #4)   Paying a ransom is not the way to deal with a ransomware attack; instead, comprehensive business continuity and disaster recovery planning provides the best solution says Paul Barber. (Item #5)   All businesses need to have a robust cybersecurity plan in place to prevent attacks and protect their data and systems, but it’s also important to have a strategy in place to respond to a breach. (Item #6)

For the full issue, click here.

Wednesday, October 11, 2017

Crisis Response & Communication

October 11, 2017 - When dealing with communicating in a crisis, the first concerns should be to respond quickly, accurately and consistently. Obviously, the best approach is to have a plan to work from before the crisis hits. This will shorten your response time and enable everyone to hit the ground running. It's also important to ensure that everyone knows what's going on and what to say or not say in any situation. Take a look at these articles to see if your plans for crisis response are everything they need to be. 

Not sending complete and accurate information can hinder employee safety by creating confusion regarding exactly what is happening. (Item #1)   Here are some lessons learned from real-world crisis response. (Item #2)   This is what good communications after an incident looks like, looking at some real-world examples and emphasizing the importance of being transparent during a crisis. (Item #3)

Effective crisis response plans include these ten elements. (Item #4)   There are some things to be learned from the way Equifax handled communication about its breach. (Item #5)   What you say immediately after a crisis is important, so step in and make it known where your business stands during a crisis, even if it is just to acknowledge that a crisis has happened. (Item #6)

For the full issue, click here.

Wednesday, October 4, 2017

Cyber Security Awareness

October 4, 2017 - October is National Cyber Security Awareness Month (NCSAM), an annual campaign to raise awareness about the importance of cybersecurity. This is especially relevant after the recent hack of Equifax and other large companies. What are you doing to help make your employees more aware of cybersecurity practices? Do you offer regular training? Take a look at these articles, all of which are focused on ways to increase employees’ awareness of and participation in cybersecurity.

With workplace cyber attacks on the rise, industry experts are pressing businesses to train their workers to be more vigilant than ever to protect passwords and sensitive data and to recognize threats. (Item #1)   Security is everyone’s job; we need to deputize people for cybersecurity. (Item #2)   To most immediately increase an employee's ability to recognize attacks, organizations should consider security awareness training solutions to develop cybersecurity skills. (Item #3)

Here are some cyber-security tips for small business from the FCC. (Item #4)   Take a look at what password practices are putting you at risk, what trends are cropping up today, and how you can keep your accounts and data safe. (Item #5)   Here's some expert advice on how to make cybersecurity training more effective and protect your business. (Item #6)

For the full issue, click here.