I recently sat down with OneNeck’s CISO, Katie McCullough, to discuss some of the key fundamentals organizations must keep in mind when developing a security strategy.
A few of Katie’s pointers were:
- Keep your software up to date. This may seem like a given, but many organizations struggle to make patching a priority when they’re busy just trying to grow the bottom line. Yet, as with the Equifax breach, many attacks are avoidable with routine and timely patching.
- Educate and train your employees. The bad guys aren’t getting any dumber, and they know that phishing is still a great way to get inside your organization. No matter how many tools you have, if your employees aren’t trained to recognize phishing schemes, then no tool can keep you safe.
- Compliance measures aren’t just an operational burden. It’s critical to document your processes, train your teams on those processes and monitor their adherence to build the solid foundation to keep your organization safe.
- Develop an incident response plan. In the event that you do experience a breach, an incident response plan will help you know exactly what steps to follow so that you can respond quickly and mitigate the attack before it does even more damage.
These are just some of the tips Katie discusses in her Point of View Paper on security and compliance. If you’d like to read this insightful paper, download it now…