Proactive Services
Proactive services may not be a formalized function within your cybersecurity program today, but there is a possibility you are doing some form of proactive services as part of your program. If not, you must look to implement proactive services within your program. There are several different types of them you should consider. One is the ability to identify any weaknesses and risks within your environment from testing types of activities and assessments – for example, penetration testing activities. A couple of extremely relevant proactive services include the need to ensure that you have a robust Cybersecurity Incident Response Plan (CIRP) in place along with the need to execute tabletop exercises. You’ve heard me state before that it’s only a matter of “when” and not “if” a cybersecurity incident is going to occur. Statistics are not on our side, and the reality is that we need to be best prepared for when a major...