October 23, 2022
Are you budgeting for cybersecurity resources and your Plan B?
Now is a good time to verify that your department is committing sufficient resources to required cybersecurity internal controls and a Plan B if critical systems are offline.
Action Items:
- Complete the Enterprise Information Security Standards Self Assessment Questionnaire available on CTR Cyber to determine where resources are required and meet risk assessment requirements.
- Identify your critical tasks.
- Identify the networks, systems, third-party software, and other entities that you depend on to achieve your critical tasks.
- Develop processes and workarounds to manage these critical tasks without email and technology at each step of the process.
- Test and retest these processes to identify risks and weaknesses and continue training staff on cyber awareness.
- Update your Incident Response, Business Continuity, and Disaster Recovery Plans with your Plan B processes.
Developing and testing your Plan B can greatly improve risk assessments across the enterprise and improve security at each step to reduce the chances of a cyber incident.
See our CTR Cyber page for more cybersecurity internal controls. Departments should contact [email protected] with any incidents or suspected incidents of fraud or cyber threats or if you need support from our Statewide Risk Management Team.