{"id":33404,"date":"2023-01-02T13:03:32","date_gmt":"2023-01-02T18:03:32","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=519067"},"modified":"2023-01-03T10:13:32","modified_gmt":"2023-01-03T15:13:32","slug":"cyber-security-today-jan-3-2023-resolve-to-start-the-new-year-by-honing-or-starting-your-cybersecurity-plan","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-jan-3-2023-resolve-to-start-the-new-year-by-honing-or-starting-your-cybersecurity-plan\/","title":{"rendered":"Cyber Security Today, Jan. 3, 2023 \u2013 Resolve to start the new year by honing \u2014 or starting \u2014 your cybersecurity plan"},"content":{"rendered":"<p data-ar-index=\"0\">Welcome to Cyber Security Today. It\u2019s Monday, January 2nd, 2023. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"1\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/25380180\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"2\">Happy New Year to all of you.<\/p>\n<p data-ar-index=\"3\">My tradition since the podcast began is to start the first episode of the year with New Year\u2019s Resolutions for IT and security leaders. Because you should resolve to do things more efficiently, more methodically and more strategically than last year. You need a cybersecurity plan.<\/p>\n<p data-ar-index=\"4\">I\u2019m speaking to those of you in small and medium-sized businesses with fewer financial and human resources than large organizations.<\/p>\n<p data-ar-index=\"5\">You may not know where to start. So here\u2019s some advice: Start at the end. Assume there\u2019s been a breach of your security controls five minutes from now. Are you prepared?<\/p>\n<p data-ar-index=\"6\">Why start there? Because the beginning steps \u2014 which I\u2019ll get to shortly \u2014 will take time. And time is what you don\u2019t have if there\u2019s a cyber incident. You need an incident response team, and an incident response plan.<\/p>\n<p data-ar-index=\"7\">First, the incident response plan has to be written, with several copies stored in a safe and accessible place for the incident response team. Why not on computer? Because the computer with the plan might be hacked, or encrypted.<\/p>\n<p data-ar-index=\"8\">Second, management and the IT team have to define when the incident response team should be summoned. It doesn\u2019t have to be every incident. Many can be handled by IT alone.<\/p>\n<p data-ar-index=\"9\">Third, executives need to decide who should be on the incident response team. Membership is your choice. Obviously some or all of the IT security team. But also include someone from internal or external legal (because they will give the team legal advice) communications (because they will have the responsibility of communicating with employees, the media and clients) and perhaps someone from HR. It may also include experts from your vendors or an outside incident response specialist. The IT leader may be responsible for IT response, while an event investigator will gather data for forensic analysis. A team leader should also be appointed, and not necessarily the CEO.<\/p>\n<p data-ar-index=\"10\">Team members need to be on-call 27\/7. When they can\u2019t be \u2014 for a family reason, they\u2019re on training or they are on vacation \u2014 there have to be designated alternates. Everyone on the team has to have several ways of being contacted in an emergency: Phone, email or text. The contact information has to be kept up to date.<\/p>\n<p data-ar-index=\"11\">Remember, often cyber attacks start with email being compromised. So this initial message to the incident response team meeting has to be carefully worded. For example, an email and text message might say, \u201cThere\u2019s a meeting of the emergency team at the designated physical space,\u201d or \u201cat the designated virtual space.\u201d<\/p>\n<p data-ar-index=\"12\">And because email might have been compromised it\u2019s a good idea to have an emergency email account set up that is only used for incidents. Ideally, it will be provided by a separate internet provider. At the very least it will have a different name than the organization\u2019s public email address.<\/p>\n<p data-ar-index=\"13\">Next, the plan should identify a designated place to meet. The easiest is the company board room, but any meeting room will do. Because of COVID or other reasons the team may have to meet virtually. If so, that has to be arranged in advance and security measures like password and access control must be arranged in advance. For further messaging with the team that special email account will have to be used.<\/p>\n<p data-ar-index=\"14\">Meanwhile, the IT team has to prepare for the worst. They do that by having a \u201cGo Bag\u201d with at least one laptop devoted strictly to dealing with resurrecting the IT infrastructure remotely. It will include all the tools IT needs. And to cover all contingencies, the Go Bag should to have a cellphone from a different provider than the one the organization normally uses.<\/p>\n<p data-ar-index=\"15\">Optimistically, doing these first steps might take two days.<\/p>\n<p data-ar-index=\"16\">This isn\u2019t everything for the incident response plan. Management has to set out the responsibilities of team members. The IT department should start drafting \u2018what-if\u2019 scenarios \u2014 also called playbooks \u2014 so they are prepared for likely attacks. But at least the groundwork for the response team will be set.<\/p>\n<p data-ar-index=\"17\">As for the rest of the cybersecurity plan, it begins with making an inventory of all of the hardware and software under the organization\u2019s control, as well as where all the servers with sensitive data reside. From there a patch management priority strategy needs to be worked out. There have to be policies for IT \u2014 and possibly business units \u2014 to follow on the secure configuration of hardware and software, for user identification, authorization and data access control, for employee training and for data backup and recovery.<\/p>\n<p data-ar-index=\"18\">I\u2019ve only touched on what you should be doing to create a cybersecurity plan. The internet is full of free resources. Just type \u201ccreate a cybersecurity plan\u201d or \u201ccreate an incident response plan.\u201d<\/p>\n<p data-ar-index=\"19\">If you\u2019re a small or medium-sized Canadian firm look at the Canadian Centre for Cyber Security\u2019s <a href=\"https:\/\/cyber.gc.ca\/en\/guidance\/baseline-cyber-security-controls-small-and-medium-organizations\">Baseline Cyber Security Controls<\/a>. There\u2019s also the U.S. Cybersecurity and Infrastructure Security Agency\u2019s <a href=\"https:\/\/www.cisa.gov\/small-business\" rel=\"noopener\">Cybersecurity Action Plan for Small Businesses<\/a>.<\/p>\n<p data-ar-index=\"20\">MORE RESOURCES<\/p>\n<p data-ar-index=\"21\">The government of Canada\u2019s Get Cyber Safe program <a href=\"https:\/\/www.getcybersafe.gc.ca\/en\/resources\/get-cyber-safe-guide-small-and-medium-businesses\" rel=\"noopener\">has this guide for SMBs.<\/a><\/p>\n<p data-ar-index=\"22\">The Privacy Commissioner of Canada <a href=\"https:\/\/www.priv.gc.ca\/en\/privacy-topics\/privacy-laws-in-canada\/the-personal-information-protection-and-electronic-documents-act-pipeda\/pipeda-compliance-help\/guide_org\/\" rel=\"noopener\">has this guide<\/a> for protecting personal data for businesses that come under the federal Personal Information Protection and Electronic Documents Act (PIPEDA).<\/p>\n<p data-ar-index=\"23\">The U.S. Federal Communications Commission <a href=\"https:\/\/www.fcc.gov\/communications-business-opportunities\/cybersecurity-small-businesses\" rel=\"noopener\">has this tip sheet<\/a>.<\/p>\n<p data-ar-index=\"24\">Finally, heads of private and public sector organizations should remember two things: Cybersecurity is risk management. IT departments don\u2019t do that. That\u2019s your job. Second, you have to lead. If the organization decides on a policy, you have to be seen to be following it. No exceptions.<\/p>\n<p data-ar-index=\"25\">That\u2019s it for now. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p data-ar-index=\"26\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-jan-3-2023-resolve-to-start-the-new-year-by-honing-or-starting-your-cybersecurity-plan\/519067\">Cyber Security Today, Jan. 3, 2023 \u2013 Resolve to start the new year by honing \u2014 or starting \u2014 your cybersecurity plan<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Start the new year right by taking the first steps toward a cybersec<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-33404","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/33404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=33404"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/33404\/revisions"}],"predecessor-version":[{"id":33414,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/33404\/revisions\/33414"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=33404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=33404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=33404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}