+44 (0)20 7877 0060 contact@2-sec.com
Select Page

Stage 1: Prepare

How do I prepare my business?

To be prepared, businesses need to understand the likelihood of an attack, what the attack might look like and how to maintain business continuity in the event of a breach. The financial and reputational implications of a breach can be significant, yet many businesses remain unprepared.

Whilst it is difficult to predict when the organisation is going to be attacked, the business needs to assume that it is always under attack. By preparing, the business is quicker to respond to a successful attack and will have a recovery plan in place so that there is minimal impact to the business.

 

Cyber Protection: Prepare Stage

STRATEGISE

The first step in creating a resilient plan is to develop a clear understanding of your organisation’s environment.

All key business assets need to be identified and classified to understand what impact an incident would have on your ability to maintain your business processes and services.

It is essential to have full visibility of your digital and physical assets and their interconnections, and for the board, departmental and business leaders to understand their current business critical assets and risk exposure.

A complete inventory will include key intangible assets, physical networks, and hardware plus assets outside an organisation on which the business relies, such as third-party supply contracts.

ANALYSE

Once the assets are identified, a business impact analysis is performed to determine the likelihood, impact, and consequences of an event occurring.

To assess an asset’s risk, it is important to measure:

  • The overall threat to the asset (both inside and outside the organisation);
  • Its intrinsic and environmental vulnerabilities;
  • The cost of damage, interruption, and recovery should it be compromised.

Once the risks are identified, they should be compared relative to each other, to identify those which need prioritisation and warrant the most attention.

e

PLAN

Once the first two stages have been completed, appropriate solutions can be planned. Both technical and operational solutions are identified to create a formal framework for responding to an incident.

It is important to continually monitor and review the risk environment; to detect any changes in the context of the organisation, and to maintain an overview of the complete risk management process.

Know the security priorities for your organisation

Understand how you can improve your organisation's cyber readiness.

Cyber Security Risk Management Lifecycle

Prepare is stage 1 of 5. A business needs to implement all stages of the life cycle to best manage risk and protect the business. To discover more about the other stages of the life cycle, click on the segments below:
Created with Snap

Cyber & Information Security: Discover More

Here are some quick links to related services and articles that might be of interest

  • Stage 2: ProtectStage 2: Protect- Organisations must develop and implement an overarching strategy