Executive Director, Office of the CISO, Optiv
Cybersecurity Awareness Month is an optimal time to assess your organization’s cyber program, including communications and incident response preparation.
October is Cybersecurity Awareness Month. It’s a wonderful time to reflect on what the month means to your organization and cyber program.
Cybersecurity is a team sport and expands well past the virtual walls of our organization. We’re all responsible for a healthy, risk-based cyber program that engages the whole organization, from the board to staff and our partners.
Cybersecurity Month can be a catalyst to further enhance our program and launch an engagement strategy that will allow us to build on October and continue for the next 11 months and beyond. How could we focus our efforts?
Let us explore a couple of areas of focus: communications and incident response preparation.
Assessing communication and preparedness
Communication should be continuous. Assuming we have a measurement of our program (if we do not, assessing our program should be a priority) and a desired state for the program, our communications plan should be organization-wide, with specific engagement with executive leadership and the board or the appropriate governance structure. This will help engage on our risk profile as well as target state. The underlying message can be “we’re never done” and “we all must be engaged.”
When it comes to incident response preparation, are we prepared for an eventual cyber disruption? We should ensure we have a response plan and exercise it. With a plan in place, tabletop exercises are the best way to exercise our collective ability to respond. A cyber event requires a well-rehearsed response that engages internal and external stakeholders. Our ability to test our response will promote further resilience to an unplanned event. Our goal is to minimize impact and quickly transition back to operations as seamlessly as possible.
Cybersecurity Month is an ideal time to begin institutionalizing our program, create momentum, build on success, and close gaps in our program.
To learn more, visit optiv.com.