Nuts and Bolts of an Information Security Plan

 

When you take a look at this past year, you note that organizations are becoming more aware of the importance of good information security planning for business. What's also obvious, though, is the need to make high-standard security choices a routine practice for business.

When routine is absent, continuous monitoring and security alertness are absent too. This means decision makers and senior executives learn of the challenges and ongoing needs required to maintain an effective level of security only after the fact: either following a breach of their own or by observing another company's misfortune, such as the Target breach incident.

Security news sites, online security-focused groups and infosec podcasts have talked and continue to talk about what enterprises should do to decrease vulnerabilities and information risks. Reliable institutions such as the Ponemon Institute continuously share the findings of their research and studies in an attempt to generate even more awareness.

With a New Year here, it's a great time to make a list of information risk management things to do so that your security plan can become routine or, better said, an ongoing investment that will ultimately reduce your breach costs and increase your business profits in the long term.

The following eight items for your New Year's information security resolution list can get you started on your security risk management and data habits for the upcoming year.

 

  1. Manage vulnerabilities by having “eyes and ears” on them at all times.

  2. Keep your network infrastructure under observation and analysis on a regular basis.

  3. Integrate your security platforms to improve overall security.

  4. Data centers, BYOD and BYOS are ever-growing in use; generating standard policies and regulations is necessary.

  5. Remember, security threats are external and internal. Prepare for both!

  6. Have at least a one-year-long information risk management plan.

  7. Stay up-to-date on compliance standards to avoid fines.

  8. Have partner security professionals and/or teams to work with.

 

What additional information security posture items do you have for your New Year’s infosec resolution list?