(844) 982-6824 

Here’s your first step to developing a cybersecurity program

Last updated on

By Rick Ball, VPC Cyber/Continuity of Operations Branch Director

Two programers holding laptop with coding interface walking towards desk and sitting down

The old adage that “you don’t know what you don’t know” certainly applies to Cyber security and can be costly. What are the first steps to developing a Cyber-attack protection program?.

Every business, regardless of size, should conduct a Cyber risk  assessment. An example of how Cyber risk is measured is as follows: Cyber risk = threat x vulnerability x information value. There are numerous excellent standards-based plans available from the web, or you could hire a consulting firm to do one for you, which is what I advise to avoid any impartiality. A good standards-based assessment can be a time-consuming and complex endeavor.

However, the information gleaned from the assessment will allow you to best prepare your business.

The next step in the process is to develop your Cyber threat policies and procedures. This should be done in conjunction with some of your existing data and physical security policies/procedures, and should also include risk management.

Once the Cyber policies/procedures have been established, then the next step would be to establish a Cyber Security Incident Response Team (CSIRT), whether it be internal or external with a virtual Chief Information Security Officer (vCISO)  or MSSP.

Final aspect you should consider is to obtain a Cyber insurance policy from a reputable firm, preferably from one that specializes in Cyber insurance and has done so for several years. Whatever you do, please do not assume your general liability insurance will cover you, as many have specific limitations and minimal coverage. 

References for Cyber Risk Assessment:

You may also be interested in these items

VPC’s first eclipse-preparation exercise prepares teams for an influx of eclipse viewers to Indiana
HSEEP-compliant eclipse preparation training, tabletops, and planning sessions are available now.
Earthquake preparedness tips for Midwesterners
“The Great ShakeOut gives all industries and organizations an opportunity to test their response to earthquakes, one threat that typically does not garner a lot …
Your total eclipse checklist: prepare these 10 things now
Researchers believe as many as 2 million will travel into the path of totality in April 2024. Cities, towns, hospitals, and organizations should be prepared.

We've worked with these and dozens of other partners across the U.S.