Businesses must have a comprehensive security plan to protect assets from cyber and physical attacks.
An information security plan should cover a framework of five basic functions, according to NIST (National Institute of Standards and Technology). They are:
Identify – understand what assets are at risk
Protect – implement safeguards to ensure your business stays running
Detect – know when you business is under attack before it’s too late
Respond – take swift action to mitigate attacks
Recover – be resilient and bounce back from the effects of breaches
A CISSP (Certified Information Systems Security Professional) can help you learn more about implementing the security framework.
Stan Fleury, CISSP, CEH 