The starting point for protecting a company from cyber threats is to develop an understanding of the possible cybersecurity and privacy risks to the company’s systems, assets, data, and capabilities. A risk assessment must therefore take place to go through everything that can be vulnerable to a security breach: the company’s digital and physical assets, interconnections, etc.
The company must be able to answer questions such as: What are the possible cybersecurity and privacy threats? Which parts of the company’s environment might be at risk? Is the company exposed to these risks, and if so, how? What policies and procedures does the company have to manage the risks?
Every company must put in place relevant safeguards that allow it to fully avoid, or at least limit and suppress, the impact of a likely cybersecurity incident. To do so, it is important not only to use protective software but also to update and repair the necessary components in a timely manner, train staff, ensure data security, etc.
In the unfortunate event of a cybersecurity and privacy breach, companies must respond immediately in order to minimize the loss. This is only possible if the breach is spotted in time, leaving attackers no time to act on important data or software. Therefore, continuous monitoring and immediate discovery of any anomalous activity must be enabled.
If, unfortunately, a cybersecurity incident occurs, the company must be ready to respond quickly and limit the negative impact of the incident. Thus, every company must have a clear action plan prepared for such cases, as well as staff prepared to stop the breach, communicate about it to the relevant stakeholders, contain the expansion of the incident, etc.
Every company must have a plan that describes how to return to normal operations and limit damage to the company, which might continue well after the breach. Such a recovery plan shall foresee the best ways to restore any lost capabilities or impacted services, internal and external communication activities, and implementation of the lessons learned.
On the occasion of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content.