Security Questions Every CIO Must Be Able to Answer
April 21, 2016 6:30 AM
Security Questions Every CIO Must Be Able to Answer
Every organization is a potential target of a cyber-attack, and most security studies warn that the majority are overly confident in their defenses. Knowing how safe and secure your organization really is may depend on how you answer these critical questions.
Security Questions Every CIO Must Be Able to Answer
Cybercrime is an insidious business; it happens in plain sight, avoids detection and causes damage quickly. There are even cybercrime-as-a-service offerings available to criminals who lack the technical know-how to reap the big jackpots capable of totaling tens of millions of dollars, according to Logicalis, an international IT solutions and managed services provider (www.us.logicalis.com). So, how do you prepare your organization to overcome an eventual attack? The firm stresses that any solution begins by answering these important questions:
Security Questions Every CIO Must Be Able to Answer
If you knew that your company was going to be breached tomorrow, what would you do differently today?
Security Questions Every CIO Must Be Able to Answer
Has your company ever been breached? How do you know?
Security Questions Every CIO Must Be Able to Answer
What assets am I protecting, what am I protecting them from (i.e., theft, destruction, compromise), and who am I protecting them from (i.e. cybercriminals or even insiders)?
Security Questions Every CIO Must Be Able to Answer
What damage will we sustain if we are breached (i.e., financial loss, reputation, regulatory fines, loss of competitive advantage)?
Security Questions Every CIO Must Be Able to Answer
Have you moved beyond an inside vs. outside perimeter-based approach to information security?
Security Questions Every CIO Must Be Able to Answer
Does your IT security implementation match your business-centric security policies? Does it rely on written policies, technical controls or both?
Security Questions Every CIO Must Be Able to Answer
What is your security strategy for IoT (also known as the Internet of threat)?
Security Questions Every CIO Must Be Able to Answer
What is your security strategy for anywhere, anytime, any device mobility?
Security Questions Every CIO Must Be Able to Answer
Do you have an incident response plan in place?
Security Questions Every CIO Must Be Able to Answer
What is your remediation process? Can you recover lost data and prevent a similar attack from happening again?
