Question: Any there any new policies you are recommending?
If you don't have an IT Strategic Plan that guides your ISP and serves as a "north star" to the decisions you made based on how aggressive you want to be when deploying new technology-related products and services, as well as how much acceptable risk you're willing to take on when doing so, we highly recommend documenting such a plan.
Also, a Remote Working Policy is crucial in today's pandemic (as well as moving forward). Make sure your employees understand the expectations you have of them when working remotely, both from a cybersecurity perspective and from a productivity perspective. Make sure all employees review and sign a Remote Working Policy before they are allowed to work from home.
Finally, a Cloud Security Policy is important to guide security decisions around cloud-based applications and cloud-hosting. If you're using cloud applications or hosting, be sure to outline what you're doing to mitigate your risk of said cloud apps/hosting, what type of monitoring reports you receive to understand what's happening in this new environment, and what's being done to test the cybersecurity of your cloud apps/hosting environment.
Meet Our Expert!
Jon Waldman, CISA, CRISC
As an experienced cybersecurity executive and educator, Jon Waldman has worked for over 15 years to help hundreds of organizations be able to identify and understand cybersecurity risks, allowing them to make better and more informed business decisions. Jon is the Chief People Officer for SBS CyberSecurity, as well as the President of the SBS Institute.
You can ask our security experts your cybersecurity questions and they'll answer in an #askSBS blog post. Submit your questions in one of three ways:
- Submit your question here: https://lnkd.in/efCF7NK
- Use #askSBS in your own post with a question.
- Comment on one of our #askSBS social media posts with your question(s).
We're looking forward to hearing and answering your questions!
Hacker Hour webinars are a series of free webinars hosted by SBS CyberSecurity. Unlike paid webinars, Hacker Hours are aimed to meet on a monthly basis to discuss cybersecurity issues and trends in an open format. Attendees are encouraged to join the conversation and get their questions answered. SBS will also offer products and services to help financial institutions with these specific issues.