What is the most overlooked step in a cybersecurity plan?
Sort by:
Overlooking physical security in your CyberSecurity plan could leave a major gap in your CyberSecurity posture.
Getting senior executives fully on board and understanding it.
Communicating it in a way that makes sense to your people.
This is an excellent question. I think it's the maintenance of the plan itself. Because even if you document the plan, and the processes to address the response, each security incident is unique enough that it will require you to update the processes involved. So the moment you publish your plan, it's already out of date!
Absolutely. I would say actually following it, and keeping it up to date and current, are the biggest challenges. Too many organizations create a plan, the stick it on a shelf until the next annual audit rolls around. It does you no good if you don't actually follow through from the plan.
Testing, and that the plan must be regularly updated.
Regularly could mean quarterly or more often.