Vistage Research Center

Get actionable, data-driven insights and expert perspectives from our global community of CEOs and thought leaders. Led by Joe Galvin, Chief Research Officer

Beef up your cybersecurity with this 5-point checklist


Cyberthreats are a clear and present danger for every business. As sudden as a heart attack, a cyberattack can compromise your computers or highjack your wire transfers — leading to rapid loss of cash, data, records, leadership credibility, employees and customer trust.

Small and midsize companies are particularly vulnerable to cyberattacks. Hackers consider them soft targets because they tend to hold valuable data but lack sufficient security measures to thwart a cyberattack. In fact, a recent study conducted by my company Vistage revealed that nearly two-thirds (62 percent) of CEOs do not currently have an active cybersecurity strategy in place. More than one-quarter (27 percent) have no plan at all.

If your company is one of those, take measures to beef up your cybersecurity right now. I interviewed three cybersecurity experts on how to get started; this checklist can help you get started.

1. Assess your cybersecurity.

To gauge the strength of your cybersecurity, use a reputable tool — such as the Cybersecurity Framework offered by the National Institute of Standards and Technology — to perform an assessment. As part of this process, gather your senior leadership team, investors and board of directors to perform an informal audit. Review, value and prioritize your assets and decide what cybersecurity measures you want to manage internally versus outsource.

2. Bring awareness to employees.

Train employees to abide by basic security principles. This includes enforcing the use of strong passwords, maintaining appropriate internet use and handling customer information and data with care. It’s a good idea invest in a stock test package or use phishing simulations to teach people how to spot common signs of an attack.

3. Implement robust policies, processes and procedures.

At the very least, have an acceptable use policy. Limit employee access to sensitive data and information, tailoring access according to each person’s role and responsibilities. Put someone in charge of checking firewall logs, antivirus logs and anti-malware logs on a routine basis. Create simulations for cybersecurity attacks and figure out your game plan, including who you’d call in an emergency.

4. Make smart technology choices.

Don’t rely solely on antivirus software to keep you safe; most companies require something more robust. Consider you truly need from the full range of security options, including antivirus software, endpoint security systems, firewalls, data back-up solutions, encryption software, two-step authentication and password-security systems.

Get application controls so that your company’s computers only run a preapproved set of business-essential programs. Finally, uninstall the free, lite and trial versions of programs on your company’s computers, which can serve as toeholds for hackers.

5. Call on experts.

Even if you have IT resources, you should meet with a cybersecurity expert on a biannual basis, much like you would a financial planner. If you don’t have an IT resource, consider using a fractional model (i.e., contract or third-party service provider) to engage IT experts when you need them. Finally, conduct an external review of IT to ensure that your company’s data and network is secure and current.

This blog was originally posted on Inc.com. Read the original post here.

 

Related articles:

Technology trends affecting business in 2019

4 considerations for your approach to artificial intelligence Webinar On-Demand

Print Friendly, PDF & Email

Leave a Reply

Your email address will not be published. Required fields are marked *

Predefined Skins

Primary Color

Background Color

Example Patterns

demo demo demo demo demo demo demo demo demo demo

Privacy Policy Settings

  • Required Cookies
  • Performance Cookies
  • Functional Cookies
  • Advertising Cookies
These cookies are essential in order to enable you to move around the Sites and use its features, such as accessing secure areas of the Sites and using Vistage’s Services. Since these cookies are essential to operate Vistage’s Sites and Services, there is no option to opt out of these cookies.
These cookies collect information about how visitors our Sites, for instance which pages visitors go to most often. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Cookies used

Visual Web Optimizer
These cookies remember information you have entered or choices you make (e.g. as your username, language, or your region), and provide enhanced, more personal features. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Cookies used

Google Analytics
GTM
Gravity Forms
These cookies are used to make advertising more relevant to you and your interests. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers. If you do not allow these cookies, you will experience less targeted advertising.