8 steps towards a simple, airtight cybersecurity plan

If the worst does happen, just how badly a breach affects your business depends on how well you’ve prepared.
25 August 2020

It may seem like something that only happens to the Garmins or the Marriotts of this world, but no organization is immune to cyberattacks, and resulting data breaches can bring any company to its knees. 

Particularly among smaller businesses, cybersecurity is often a reluctant afterthought – a chore we know we should tackle but keep putting off. Especially amid business uncertainty, it can be difficult to prioritize the allocation of resources to what can seem like only a very distant threat. 

But while large, sophisticated hacking groups may target big bounties more often, every business is vulnerable – in fact, the Ponemon Institute predicts you have a one in four chance of being successfully hacked at some point. 

If the worst does happen, just how badly that affects your business depends on how well you’ve prepared. 

With workforces remote and more vulnerable than ever, and cyberattacks continuing to swell by leveraging the “unstable social and economic situation” of the pandemic, businesses without a clear cybersecurity plan must take stock of the situation and act. 

Creating a cybersecurity plan will give your company’s workforce a clear step-by-step framework to follow in the event of a successful cyberattack, and a clear picture of the organization’s IT structure and safeguards in place to protect them. 

In addition, a cybersecurity plan should have an apparatus for testing the strategy, updating the plan as new threats emerge, and training staff to help fortify vulnerabilities. 

By crafting and enacting a simple cybersecurity plan, businesses – and all their members – will be vigilant to threats and ready to act in the case of an attack. Here are some of the core principles to consider in a cybersecurity plan. 

A simple cybersecurity plan

Creating a simple cybersecurity plan requires no more than a shared document to begin with: a place to note down the crucial information that builds a broad picture of the organization’s current defenses and vulnerabilities. 

# 1 | Define the stakeholders 

First things first, you’ll need to identify those individuals in the business who are key to the security plan, such as the CIO, IT manager, or external support team. Their roles and contact information should be listed, so they can be contacted as quickly as possible once a breach is discovered. 

# 2 | Catalog the IT assets 

Protections can’t be reviewed or put in place unless there is a thorough and clear understanding of all IT assets. That means a comprehensive list of networks, storage, devices, and servers. The location of stored data should be listed, whether that’s within a CRM system, in the cloud or on an email server. Sensitive data, such as payment details, should be highlighted. 

# 3 | Outline the existing defenses

Add a full list of the protections already in place, including firewalls, anti-malware software, backups, and encryption. Since the transition to remote work, this may also include VPNs and cloud monitoring tools. 

# 4 | List the threat detection methods

Besides existing cybersecurity defenses, include a list of threat detection tools (if any) that can identify phishing attempts, compromised credentials, brute-force attacks, and advanced persistent threats. 

# 5 | Establish best practice

The majority of data breaches are traced back to human error. With the nuts and bolts of existing cybersecurity systems in place, clear guidelines and controls must be given to employees. These will include requiring employees to use strong passwords or, even better, multi-factor authentication (MFA). Users should be given access levels depending on day-to-day requirements. Especially among remote workers, VPN use should be compulsory when uploading data to the cloud. 

# 6 | Set the procedure

No matter how airtight a cybersecurity plan seems, attacks and breaches can still occur. Guidelines must be in place, ready for users to follow step-by-step in the event of a breach. The first step may be to contact your IT service provider, escalating to contacting legal help if the situation worsens. Responses may differ depending on the severity of the breach and the potential impact. At the least, instructions must be in place for isolating the breach and taking affected data offline.

# 7 | Routine cybersecurity audits

You can’t wait for a real-world attack to test your cyber defenses, especially when new threats are emerging all the time. Tests must be run regularly, alongside frequent cybersecurity audits to benchmark how well protections are working. 

# 8 | Employee training

Vocalizing policies and best practice isn’t enough to ensure employees engage consistently in the business’s cybersecurity culture. Hands-on training should be provided to instill and refresh best practices, as well as reporting processes. Training sessions could be hosted off-site as team days. 

Keep your plan updated. Once you’ve created your cybersecurity plan, it will need regular updates as the business’s IT structure changes over time and cyber threats change and evolve.