Five emergency management threats and cyber vulnerabilities businesses and organizations are experiencing
The following elements are five of the most critical common threats and vulnerabilities that many businesses and organizations are experiencing.
1. Inadequate protection of data
* Stored on unsecure or unsuitable platforms;
* Not encrypted in storage or transit; and
* Not securely disposed of
* Organizations don’t know what data they hold or where it is stored.
* Access controls are poor.
* Staff are often unsure of how to handle different types of data.
* There are no data exfiltration controls.
* The overriding attitude is one of not knowing the General Data Protection Regulation (GDPR) and how it affects their operation.
2. Inadequate emergency management systems
* Poor incident detection capabilities;
* No emergency management incident reporting process; and
* No simple incident response plans that integrate into other more physical response plans
* In addition, staff are unsure of who to report incidents to in the hierarchy of emergency management
3. Third-party risk
* Address or assess risks from third-party suppliers; or
* Carry out regular audits on their third-party suppliers.
* Some suppliers have unlimited access to resources and data.
* Suppliers’ employees are not security vetted.
* Confidentiality and non-disclosure agreements are non-existent.
4. Inadequate technical defences
* Out-of-date or inadequate vulnerability patching;
* End-of-life hardware;
* Poorly configured security hardware and anti-virus software;
* Unsecure networks;
* Not conducted penetration testing or vulnerability scans; and
* An inadequate network perimeter and device monitoring.
5. Inadequate training
* No efficient emergency management system
* No or inadequate security training for staff;
* A lack of staff security awareness communications; and
* No updates warning staff of the current threats
* No overall strategy of how to manage a major incident
6. What can you do?
Many businesses and organizations are still not getting the basics of efficient and economically effective emergency management right.
To avoid making expensive and, sometimes fatal, business mistakes, you should schedule a Ci6 EMERGENCY MANAGEMENT ENGINEERING evaluation of your current emergency management which will include your cyber security issues such as a Cyber Review. This will explore your organization’s total risks and include all your cyber risks, vulnerabilities and threat exposure, and provide you with recommendations for improvement.
FOR MORE INFORMATION
Please visit www.3ciglobalsolutions.co.uk for more information on how we can help, and/ or email: firstname.lastname@example.org and one of friendly consultants will contact you to ‘ highly confidentially’ discuss your circumstances.