CYBERSECURITY REVIEW
& READINESS PROGRAM
CYBERSECURITY REVIEW & READINESS PROGRAM
Without the right planning, your organization could easily be crippled by a cyber-attack; days or weeks of costly outage can be avoided though. With our help, you can prepare quickly, and rest easy. You will be confident knowing you can recover from ransomware and other cyber-attacks.
RANSOMWARE IS STRIKING AT AN INCREASING RATE, AND WITH DISASTROUS CONSEQUENCES FOR ORGANIZATIONS JUST LIKE YOURS.
Modern advice from governments and security professionals involves trying to prevent attacks, but also preparing for the unfortunate likelihood that someday an attack will be successful. What follows is a high-level list of considerations that every organization needs to have well under control to be prepared for a ransomware attack. Putting the time in before an attack will save lots of downtime when the inevitable occurs.
“Organizations without dedicated cybersecurity professionals should consider establishing relationships with third-party cybersecurity service providers to assist in improving their protection against ransomware and preparing to recover from ransomware attacks.”
WE HAVE YEARS OF EXPERIENCE IN COMPLIANCE
Our security staff is led by Bobby Simpson, who holds the ISC2 Certified Information Security Systems Professional (CISSP), GIAC Certified Pen Tester, Incident Handler, and Intrusion Analyst certifications. Our staff can help guide you in preparing your organization to withstand cyber-attacks. Finley & Cook provides a Cybersecurity Review and Readiness Program, which will assess each of the elements on this list in detail and provide a prioritized list of recommendations related to weak areas.
Each element in the lists below should be examined in detail – none are yes/no questions. If you engage Finley & Cook, we can help find the answer to these questions and more. Your organization will be prepared to fend off attacks on your network and quickly recover from any problems that pop up.
DO YOU HAVE A LIST OF YOUR DATA?
• File Servers
• Database Servers
• Accounting System
• Back-of-house System
• Patron Management System
• Complete List of Desktop Computers
• Other Computerized Systems (Security, HVAC, Access, etc.)
IS YOUR STAFF TRAINED?
• Good Cyber Hygiene
• Identifying Trouble
• How to Report Problems
• Regular Reminders
DO YOU HAVE TECHNICAL PROTECTION?
• Application-aware Firewall
• Web Content Filter
• Email Spam and Virus Filter
• Antivirus Software
• Least Privilege File Permissions
• Patch Management
• Backups, Offsite Copies, and Immutable Storage
• Multi-factor Authentication
DO YOU ACTIVELY MANAGE YOUR SYSTEMS?
• Periodically Update the List of Data Sources
• Regularly Review Logs and Reports
• Perform Periodic Audits
• Establish Recovery Team and Plan
• Practice Restoring Business Systems
• Keep Cyber Insurance Up to Date
DO YOU HAVE A LIST OF YOUR DATA?
• File Servers
• Database Servers
• Accounting System
• Back-of-house System
• Patron Management System
• Complete List of Desktop Computers
• Other Computerized Systems (Security, HVAC, Access, etc.)
IS YOUR STAFF TRAINED?
• Good Cyber Hygiene
• Identifying Trouble
• How to Report Problems
• Regular Reminders
DO YOU HAVE TECHNICAL PROTECTION?
• Application-aware Firewall
• Web Content Filter
• Email Spam and Virus Filter
• Antivirus Software
• Least Privilege File Permissions
• Patch Management
• Backups, Offsite Copies, and Immutable Storage
• Multi-factor Authentication
DO YOU ACTIVELY MANAGE YOUR SYSTEMS?
• Periodically Update the List of Data Sources
• Regularly Review Logs and Reports
• Perform Periodic Audits
• Establish Recovery Team and Plan
• Practice Restoring Business Systems
• Keep Cyber Insurance Up to Date
