Cybersecurity checklist

Checklist: Implement these cybersecurity measures now

By completing this checklist, organizations can earn quick wins toward boosting their cybersecurity practices and organizational resilience.

The latest IBM report found that lost business continues to be the highest cost of a data breach (seventh year in a row). Almost 40% of the total cost of a data breach results from lost business. For organizations with less than 500 employees, the average cost of a breach rose by 25% year-over-year. As we like to tell clients, cybersecurity risk is business risk.

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued a checklist to help organizations of all sizes reduce the likelihood and impact of a potentially damaging cybersecurity event. We believe the steps listed by the CISA below can help senior leaders better understand their risk environment and take appropriate actions now.

Protect

  • Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.
  • Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
  • Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
  • If the organization uses cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
  • Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.

Detect

  • Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging to investigate issues or events better.
  • Confirm that the organization’s entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.

Respond

  • Designate a crisis-response team with main contact points for a suspected cybersecurity incident and roles/responsibilities within the organization, including technology, communications, legal, and business continuity.
  • Assure availability of key personnel; identify means to provide surge support for responding to an incident.
  • Conduct a tabletop exercise to ensure all participants understand their roles during an incident.

Recover

  • Test backup procedures to ensure that critical data can be rapidly restored if the organization is affected by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
  • If using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted.

In summary

By completing this checklist, organizations can earn quick wins toward boosting their cybersecurity practices and organizational resilience. Items in the checklist intentionally go beyond software and tools. If you would like to learn more about AGH’s balanced approach to cybersecurity (people, process, and technology) or have questions about your unique cybersecurity situation, contact Brian Johnson using the information below.

Brian Johnson

Senior Vice President
Technology Services

Brian joined AGH in 1992. He leads the firm’s technology services practice where he helps clients achieve measurable performance improvements through the delivery of specialized, competency-based information systems management, assurance, and advisory services. He has extensive experience in information security, network engineering, and solution development, with recognized specializations in governance, risk, control, and related consulting services.

Brian is a member of ISACA (previously known as the Information Systems Audit and Control Association), the Kansas Society of Certified Public Accountants (KSCPA), the American Institute of Certified Public Accountants (AICPA), the AICPA’s Information Management and Technology Assurance (IMTA) Section, and the Association for Supply Chain Management (ASCM). He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), Certified Data Privacy Solutions Engineer (CDPSE), and Certified in Production and Inventory Management (CPIM).

Brian is also a Certified Public Accountant (CPA) and a graduate of Wichita State University, where he earned Master of Accountancy and Bachelor of Business Administration degrees.

Information security is more than technology, it requires educated staff.
See how we can help identify and mitigate your security vulnerabilities.