Table 1. Six steps that will improve the cybersecurity posture of any organization.
• Categorize and classify your systems and data
according to risk of downtime, data loss, data
destruction, and data theft
• Grant access to systems and data only to
those who truly “need to know.”
• Work with your institutional security officer to
select, implement, train, and routinely test ap
propriate procedural and technical controls.
• Assess the effectiveness of all controls via a
third-party testing or audit.
• Ensure that the security controls are monitored
on a regular basis.
• Have a clearly articulated incident-response
plan and trained users.