In honor of Data Privacy Week, each day this week Miller Nash is releasing one of our top five recommendations for where businesses should focus their privacy compliance efforts in 2024.
Thank Your Cybersecurity Team
Your cybersecurity team is nimble and busy. There are constant challenges to your systems, including malware, ransomware, social engineering, business email compromise, and phishing. Remember that you need to help your cybersecurity team prevent security incidents by training all employees to recognize security risks, vulnerabilities, and incidents. Awareness not only helps prevent incidents from occurring but also can help mitigate incidents.
Other ways to help your cybersecurity team do their jobs effectively:
- If you have not recently reviewed and tested your incident response plan, schedule it for Q1. Calendar both a validation test of the technical response and how you will handle the public communication and breach notification process.
- Complete a risk assessment and review your current technology for reasonableness under today’s standards. Zero trust, encryption in transit and at rest, and multifactor authentication are no longer expectations only for large, complex entities.
- Ensure that your employees know how to confirm new banking or wire instructions before unintentionally sending money to a scammer. Report potential phishing or business email compromise scams to your IT department.
- Give your security team the funding they need to do their job.
Read other Data Privacy Week Series posts: Check Your Policies and Procedures Against Legal Updates
Review Your Website
[View source.]