After developing a framework and conducting assessment, we put in place a program to discover, assess, prioritize, remediate and measure all assets across your computing environments. This is not a one-time process, but a continual, on-going set of activities.

CyberIQ uses the NIST Framework for Improving Critical Infrastructure Cybersecurity [CSF14] as it provides a simple, common language for helping organizations to identify, assess, and manage cybersecurity risks. We have outlined some of the basic concepts, but there's a lot more to it. Contact us to set up a consultation.

Understand and Manage Your Risks
By understanding your risks, you can know where to focus your efforts. While you can never completely eliminate your risks, the goal of your information security program should be to provide reasonable assurance that you have made informed decisions related to the security of your information

Safeguard Your Information
Determine who has or should have access to your business’s information and technology. Include whether or not a key, administrative privilege, or password is required. Be aware of anyone who has access to your business. Do not allow unknown or unauthorized persons to have physical access to any of your business computers.

Create policies and procedures for information security
Policies and procedures for information security and cybersecurity should clearly describe your expectations for protecting your information and systems. These policies should identify the information and other resources that are important and should clearly describe how management expects those resources to be used and protected by all employees.

Patch your operating systems and applications
Any software application including operating systems, firmware, or plugin installed on a system could provide the means for an attack. Only install those applications that you need to run your business and patch/update them regularly. Many software vendors provide patches and updates to their supported products in order to correct security concerns and to improve functionality. Ensure that you know how to update and patch all software on each device you own or use.