In the wake of yet another high-profile attack on corporate security infrastructure, many companies are rightly concerned with their security posture and their own susceptibility to a cyber attack. Whether you are a seasoned security chief or an entrepreneur who wears a security hat among many others, know that you don’t have to go it alone. Lurie has a talented team of information security auditors and business consultants who would love to assist. Not quite ready to bring in outside help? Here’s a three-step plan to help you get started:
- Inventory of data and assets – before you can protect your systems and data, it’s important to understand how those systems and data fit into your technology environment. Who has responsibility for defending the cyber perimeter of your sensitive servers and databases – is that your responsibility or that of your cloud provider? Does all of your sensitive customer data reside in the cloud or do you have on-premise servers?
- Undergo a security self-assessment. Self-assessments are an excellent way to see how your organization stacks up on important security controls and identify areas of weakness that need to be shored up. There are many great resources available to security leaders, two in particular that you might consider are NIST SP 800-171 and the Cyber Security Evaluation Tool (CSET).
- Develop an information security policy to ensure that your security expectations are known to employees and that your security program is both scalable and repeatable.
Contact us if you’re still not sure where to get started or what the next steps might look like.
Meet Your Team
A Navy veteran with a broad base of experience in multiple audit disciplines, Sean offers a well-rounded approach to his technology advisory and attestation work. He sees trust as a foundational component in the auditor/client relationship. He emphasizes the importance of transparency, accountability, and professionalism on his audit teams – an easy task with the exceptional auditors he has the privilege to work with at Lurie.
Let's start a conversation.
This article is for your general education, and does not create a client relationship or any service engagement between you and Lurie LLP. The content of this article is based on the best information available, but official guidance, rules, laws and/or updates may change and become out of date. Please contact your Lurie advisor before acting on any of the information contained in this article.
We may provide links to third-party sources for your convenience, but we do not review, control, or monitor the materials on any other websites. Lurie LLP is not responsible for the performance of those websites or for your business dealings with them.