How To Set Up A Cybersecurity Plan

Many times we hear from business leaders that they become overwhelmed with all of this information and they do not know where to start.  The easiest (and cheapest) place to start is with plans and policies.  Most of the cost of getting these two pieces off the ground is internal time.  You may look to have a consultant tie up the loose ends but a little elbow grease and Internet searching can get you 90% of the way there.

Think of a Cybersecurity Plan as a business plan for the security of your company.  These documents will do the following:

1. Designate the roles and responsibilities of your staff who take ownership of all things security.
2. Identify and document any outside vendors or parties and their roles with securing your information.
3. Describe your plan for rolling out new systems to address cybersecurity gaps and the timeline for them.
4. Lists out all of your policies and the schedule to review them.

Your Cybersecurity Policies are the same as every company policy but pertain to how you keep your network and data safe.  Some of these include:

1. An acceptable use policy for Internet and email.
2. Company email and other data on smartphones, tablets and laptops.
3. Saving data to local PCs versus other systems or public drives that may be more secure.
4. Responsibilities of your associates when something happens that may put data at risk.