The world is complicated. The steps needed to secure an organization are more and more intricate by the day. There are numerous technologies to consider and more coming out by the day (or minute, it seems). No matter what direction you take with your security plan, there are a few things you can do right now to protect your organization while you figure the rest out.
1. Verify your backups. We have a post on this (below). If you don't have backups, stop reading this post now and go get some in place.
2. Patch your systems. It is tedious and never ending but must be done. Have a process in place to patch and keep your software up to date.
3. Check your endpoint protection. What technologies are in place today? Are they working and deployed across the organization's endpoints? Are logs in place? Find out.
4. Keep staff apprised of risks. If there are risks in the wild that are concerning, let your staff know to be extra diligent. Staff is more likely to act appropriately if the threat is top of mind.
5. Create your incident response plan (and test it too!). Be ready in case you need to respond to an incident – from a lost laptop or a virus outbreak to something much more complex. Have a plan, test it, and reference it when needed. Preparation is key.
These are just 5 places to start making your organization more secure – today. There are many more, but if you start with these basics, you will be on the right path forward.