Week 10 feels good as we near the
finishing line of this class. The assignments are really empowering, as they
have been helping me to understand a part of our company business that I’m not
usually involved in. Developing the action plan really helped me to get a
better appreciation of our IT team. The action plan is a crucial document that
could go a long way in mitigating the risks that have been identified. I
believe one of the challenges our IT folks face is (sometimes) their inability
to communicate their findings in the kind of verbiage that upper management
(who are often not technical) understands. This is such a vital piece of the
equation; if the action plan properly conveys to management how you conducted
your assessment, along with your results and the plan to address the threats,
vulnerabilities, and risks, chances are management would approve it. The
learning objectives for these two weeks (9 and 10) gave us the opportunity to
review and provide constructive criticism on the action plan provided by our
classmates, and I really enjoyed it. While giving feedback, I am also taking
away ideas on how I can improve my own document.

A good action plan is extremely
important for improved security in any organization. Just identifying threats
and vulnerabilities is not good enough. Action must be taken to mitigate these
risks, and that’s where the action plan with good security recommendations comes
in handy. Many security breaches can be avoided if organizations simply
implemented some common security controls and best practices, like updating
configurations and keeping operating systems up to date with the latest security
patches. Even the best of hardware and software tools, if not properly
configured, cannot resist cyber attackers. Hackers seem to be at the top of
their game, employing more enhanced and sophisticated techniques to perform
their exploits. Successful data breaches yield a big payload to attackers, and
often have a major impact on organizations, including loss of revenue, loss of
customers, damage to their brand, and even fines!

Many companies without a dedicated
security team are now getting into the habit of using a managed security
provider, much like in the case of Harry and Mae’s Inc. It can often be more
cost-effective, with fewer distractions for internal staff. The idea is to
go on the offensive, rather than being defensive. While we embrace rapidly
advancing technologies, we have to understand these technologies often pose a
serious security risk to organizations. IT staff have to stay current on new
threats and security best practices. In today’s world of compliance with
industry standards and federal and state regulations, companies have to be very
serious about security; non-compliance can often result in hefty fines and
other consequences. The action plan is useful in that it prioritizes the
vulnerabilities, giving companies the chance to work on those that pose a major
threat to the organization.

One very popular strategy in many
action plan recommendations for better security is the development and
implementation of a strong security policy, along with ongoing employee
education and training, and monitoring for compliance. Employee education and
training is beneficial to the employee and ultimately to the company. As
employees practice good security measures, especially when it comes to
passwords, etc., they’re doing their part to help keep the company safe and
secure from data breaches. Employee education and training also helps to improve
productivity, and it definitely goes a long way in adherence to quality and
other industry standards. The action plan also provides a means to help track
action ownership, resource estimates, priorities, target dates, etc. As it defines
the recommended risk and compliance-related mitigation actions needed to improve
the organization’s risk posture, it also provides a way to identify the company’s
high priority assets and the owners or prime points of contact for these
assets, which could come in very useful during or after an attack.