InfoSec Tips
InfoSec Tip of the Day — a long-running series of tactical cybersecurity tips.
Balanced Investment
While maintaining a robust cybersecurity budget is essential, it's equally crucial to invest in continuous staff training, process optimization, and stakeholder communication to…
Cyber Budget Prioritization
Allocate budget based on a risk-based assessment. Ensure that resources are prioritized towards the protection of critical assets and compliance requirements, taking into account…
Cross-functional Collaboration
Promote collaboration between IT, legal, and communication teams. Unified action ensures that not only are cybersecurity incidents handled efficiently, but disclosures also comply…
Cyber Risk Communication
Establish clear communication channels internally, ensuring that when cybersecurity incidents arise, information flows rapidly to decision-makers.
Vendor and Supply Chain Oversight
Given the interconnected nature of businesses, ensure your vendors and supply chain partners align with your cybersecurity standards.
Cybersecurity Training for Boards
Equip your board members with regular training on emerging cybersecurity threats and best practices.
Navigating National Security Delays
Be prepared for potential delays in disclosing material cybersecurity incidents if the U.S. Attorney General determines it poses a substantial risk to national security.
Annual Cyber Strategy Review
Prioritize an annual review of your cybersecurity risk management, strategy, and governance.
Board’s Cyber Oversight
Incorporate cybersecurity expertise within the board to ensure comprehensive oversight of cyber risks.
Timely Cyber Incident Reporting
With the SEC's 2023 rules, companies must promptly determine the materiality of a cybersecurity incident.