Home » cyber security » A Simple Cyber Security Plan Is the Best Kind of Plan
iStock_000003215241Large

A Simple Cyber Security Plan Is the Best Kind of Plan

In the past few years, enterprise networks have quickly grown in complexity, spurred by demand for bring-your-own-device (BYOD) policies, cloud computing and virtualization, among other factors. Unsurprisingly, this increased complexity has called for new cyber security considerations, as firms work to maintain the protection of their sensitive data.

However, if you think the complexity of your networks necessarily results in a similarly complex cyber security plan, think again: The better game plan is to have a foundational strategy that’s clear and accessible to all. As cyber security inevitably gains higher priority, you may have more work to do in defining and articulating your strategy.

Take Google, for example. Even with the highly complex architecture that comes with being a top provider of cloud-based services, they provide a good example of a refined and unified security plan, covered in just a few pages on their site. Achieving this kind of clarity should be your new Holy Grail. Here’s how to do it.

  1. Understand business goals and align with them: To establish a focus for your cyber security initiatives for the next few years, it’s important to know the strategic direction of the organization, its operational goals and the infrastructure that will be critical to the planned growth.
  2. Audit and assess: With an idea of how the organization is growing, you need a complete inventory of technological resources, their relative importance to critical growth pursuits and the areas where they may present vulnerabilities.
  3. Know your partners: In many recent cases, third-party vendors have unwittingly provided hackers entry into companies’ critical systems. Make sure you have a handle on where your third-party connections may create critical vulnerabilities.
  4. Map threats to critical systems: When you have prioritized goals for your strategy and understand your critical infrastructure, you have a better foundation for analyzing cyber intelligence and threats that emerge from your monitoring efforts. Beyond reacting to immediate threats, this can help you define how to proceed in enhancing your security position.
  5. Consider whether outsourcing makes sense for you: Depending on your internal resources, you may want to partner with an outside specialist for monitoring, detection, response and even intelligence efforts. With a high-level strategy in place, an experienced, managed security operation can plug in to your security program and keep you from stretching your internal resources from spreading too thin.

Lunarline offers consulting services for building your security plans, as well as full-scale managed security that brings state-of-the-art security operations to businesses and agencies of any size. To start discussing how we can help your organization, contact one of our specialists today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.