The Security Plan for Business

Businesses must have a comprehensive security plan to protect assets from cyber and physical attacks.

Identify, Detect, Respond, Protect, and Recover
Credit: N. Hanacek/NIST

An information security plan should cover a framework of five basic functions, according to NIST (National Institute of Standards and Technology). They are:

Identify – understand what assets are at risk

Protect – implement safeguards to ensure your business stays running

Detect – know when you business is under attack before it’s too late

Respond – take swift action to mitigate attacks

Recover – be resilient and bounce back from the effects of breaches

A CISSP (Certified Information Systems Security Professional) can help you learn more about implementing the security framework.