In December of 2016, a researcher approached credit card reporting agency Equifax with a simple message: Your website is vulnerable to a cyber attack. The company did nothing to patch the flaw. They were breached six months later, in May of 2017, with hackers stealing the sensitive data of 145.5 million Americans.
It’s an extreme example of an all-too-common business failing: that of cybersecurity preparedness.
As hacks continue to proliferate the news cycle, targeting both large corporations and small businesses, companies that previously didn’t see a need to invest in cybersecurity training and prevention are increasingly focusing in on one question: Are we prepared in the event of an attack? And, resoundingly, the answer is “no.”
Cybersecurity readiness involves developing a complex, proactive strategy that goes far beyond a basic response plan — although research suggests that many businesses don’t have one of those in place, either.
We’ve compiled the major steps you need to take to prepare your business for a cyber attack. Take a look at them below, and decide for yourself how your company would fare.
Creating an effective cybersecurity preparedness plan is a mix of implementing company-wide, procedural policies; utilizing data protection and taking technical precautions to protect your data; and putting a reactive plan in place in case the worst case does happen.
So, is your company prepared?
Rob Sobers is a software engineer specializing in web security and is the co-author of the book Learn Ruby the Hard Way.