Issue 2_2021_VIEWpoint | Page 3

Ask the Advisors

BRAD ATKIN
atkin@doeren.com
Q What is the most important cybersecurity area we should be focused on as a closely held business?
Malware, ransomware and general hacking continue to be a major threat to closely held businesses, leaving many forgetting to focus on developing response and recovery controls to keep them protected in an unwanted attack.
Closely held businesses have continued to make strides to identify issues, protect their network and detect nefarious activity. However, the “bad guys” have also continued to find new ways to get through system firewalls and wreak havoc.
The three largest cost mitigators throughout the country were testing an incident response plan, having a business continuity plan and the formation of an incident response team. Each of these steps reduced the overall cost of a breach by nearly $300,000.
Response controls deal with planning, communicating, mitigating and improving activities, and also help organizations’ personnel know their roles, ensure incidents are reported correctly and timely, and coordinated with stakeholders. Analysis, mitigation and improvements help with proper investigation, understanding the impact, containing the problem, mitigating its effects and resolving the incident.
Recovery controls relate to planning, improvements and communication around the recovery of your system and to those affected. An incident may involve proper coordination with external parties such as Internet Service Providers, owners of attacking systems, victims and customers or vendors. Having a plan can help coordinate post-attack efforts and reduce the risk of losing customers.
Q As a business owner, I am not confident our organization is secure from a cyber perspective. What can I do to evaluate our current cyber resilience?
Having a clear vision of your organization’s cybersecurity posture is more important than ever as cyber threats continue to propagate across the nation. Unfortunately, many business owners may think they are not a target or even that they are doing all the right things to protect their businesses from cyberattacks or data breaches. The reality is — history has proven that they don’t know what they don’t know.
The first step your organization can take to gain a clear understanding of its current cyber resilience is to have a cybersecurity assessment performed. At its most basic level, a third-party cyber assessment shows how well a company has implemented defenses designed to protect it from a cyberattack, whether that be a breach of data or fraud driven by a cyberattack. These assessments aim to diagnose potential risks before something serious happens and measure how well a company has prepared itself to defend against and recover from such attacks. This can be used as a framework for creating a plan of action and remediating items based on their level of risk to the organization.
hock@doeren.com
JOHN HOCK

cybersecurity edition
