Public Sector: Information Security Starting With The Basics



Your Information Security Meter

How secure are your company's systems and critical data?



Here is your up-to-the-minute Security Meter, based on your answers on the right. Notice how changing your answers impacts the meter.

For a quick confidential conversation about improvements you can make, please contact us.

To see your security-related information in a single 24/7 console, learn more about the Data Defender.


These questions help identify factors that increase risk. Your Answer
Do you have a written Information Security Policy that is endorsed by management?
How often are employees and management given Security Awareness Training (SAT)?
Do you have a documented Data Inventory - a list of key data stores, where they are located, and how they are protected?
Is there a convenient list of Security Best Practices that all users are familiar with?
Is critical data backed up automatically, onto separate computers used for backups?
Does your company have remote or traveling employees who need network access?
Have you had a network vulnerability scan or professional security assessment from a third party consultant or advisor?
Does your company or organization have a public-facing web site?
Are you covered by a Data Defender subscription to insure Security Best Practices?






Data Breaches are on the rise

From CNBC: A cyber attack costs a small company or department $200,000 on average, putting many out of business. An IBM study for larger companies put the average at $4 million. We believe that prevention is easier than recovery.

77% of companies and organizations have a program like Data Defender in place to help reduce the risk of data breach or a damaging incident.

You don't have to turn over control of your systems and processes to a third party. You can make reasonable and effective changes on your own.

Explore






Data Defender - Cyber defenses in one central console

Data Defender: Security Simplified

Data Defender is your online custom Command Center. Track important policy documents, best practices, system scans and security communications. No technical skills are required.

You have choices as to how much security you need, how much you want to invest in risk reduction, and whether you want to wait until a successful cyber attack to take action.

Be proactive. Deploy the flexible Data Defender to save time and money.

Explore





Data Defender - Cyber defenses in one central console

Three Defenses Against Ransomware

Ransomware attacks take over your computer and make all your documents and files unusable. It can be devastating.

Are there steps you can take to reduce the impact of a ransomware event, allowing you to continue with normal business operations?

It turns out there are three low-cost steps you can take to reduce the damage done. Let's go over those steps and make sure your company is not seriously impacted by a ransomware attack.

Contact Us




Free Security Self-Assessment

Recommended: Take five minutes and utilize our simplified security self-assessment tool. Instant results display your Flex-Protection information security score, and offer suggestions for improvement.

This private, confidential assessment does not scan your network or require technical knowledge. It simply boosts your awareness of best practices and good security policy.

Show your management and stakeholders you are being proactive when it comes to protecting your company's systems and data.


Start







Free Downloads For Immediate Use


Information Security Policy

Your Information Security Policy

Download a flexible Information Security Policy (ISP) that you can use as the foundation of your data security initiative.


Download Your ISP
5 easiest steps

5 Easiest Security Steps

Discover and adopt these 5 measures that will make your data safer. Simple, cost-effective and won't disrupt your business.


Download
7 Best Practices

7 Best Practices

These 7 industry best practices will protect you in the long run. Consistent with ISO 27001 and the NIST framework. All industries, private and public sector.


Download

What The Big Security Companies Don't Tell You


Management Is Not Motivated. This is a blunt statement but it reflects the low priority that C-level management gives to information security at most companies. Immediately following a data breach, the level of attention and expenditures often increases.
Nobody Understands. With few exceptions, staff and management have very little idea what the job of the security team entails. Even the role of the CISO is misunderstood, as most regard data security as strictly an IT responsibility.
Fear Drives Cybersecurity. Big money is being spent on high-profile security services, while cost-effective measures are available which won't disrupt your daily operations. There really is a better way. Reduce your budget, simplify your data security, and manage everything in one place.





Protect Your Critical Data - Strategic Options


Start With Basic Cyber Defenses

Strategy 1: Start With the Basics.

Our ground-breaking Data Defender program delivers flexible and sensible protections without breaking your budget.


Basic Defenses
Cyber Risk Management Tool

Strategy 2: Manage cyber risks.

Our Risk Assistant flexible software is your best method to track cyber risks and defensive measures as they evolve.


Risks and Measures
Information Security self-assessment

Strategy 3: See where you stand.

Use the 5-minute self-assessment survey to find out how much cyber risk your current practices are exposing you to.


Start Assessment



You Can Reduce and Manage Risks


Data Defender image

Data Defender

Includes our 5 Easiest Steps, 7 Best Practices, Data Inventory Template, Information Security Policy, and a Security Assessment.


Sign Up
Risk Assistant image

Risk Assistant

Our flexible Risk Management application. Manage ongoing cyber risks by identifying and deploying appropriate defensive measures.


Manage Risks
Assessment image

Free Assessment

Your network and servers may be secure, but you could still use an outside assessment. A short survey will start the process.


Start An Assessment






Overviews and Short Videos


Basic Introduction

What is involved in cybersecurity and why does it matter?





Top Ten Defensive Measures

What are the best counter-measures my company can take to better protect our data and where do we start?





Risk Management

Learn more about our Risk Assistant tool, which lets you define risks and meaures and track your progress.





Risk Assistant Demo Online

Please take four minutes and view a prototype of the Risk Assistant application, matching risks and defensive measures.











Bullet Point Briefs: Overviews and Options for Better Security

ISO 27001

This Bullet Point Brief provides a high-level overview of the globally recognized ISO 27001 certification. You can decide if this step is appropriate for your organization. Download Here

AWS Data Security

Managing Information Security in the cloud is very different from your traditional local configurations. New tools and concepts can make security a challenge. Download Here



Choose Your Protection


Best Practices

I would like to implement simple best security practices to protect my company from cyber attacks and data breaches.





Risk Management

I am interested in utilizing a flexible risk management tool to improve our defenses and track our ongoing risk.





Consider My Options

What are some other simple steps I can take to achieve better information security in my organization?





We can meet with your management or board at any time to discuss your security, at no cost.

We always start by asking questions

What specific data items are potentially at risk and where are they stored? How are they currently being protected from data breaches and who is responsible?

Confidential Consultation

We are all in the same boat, regardless of our industry

Systems are constantly under attack, from both internal and external sources. Targets include personal, financial, payment, health, and operational data.

Start The Conversation

Enroll in the Data Defender program: A starting point for any organization.

How are you protecting yourself today?

Start with the basics and know where you are going. Let's build a simple plan together, in an hour, for free. Enroll Now

Keep it simple: Use only what you need

Guidelines, templates, initial steps, scans and assessments are all available to find and reduce risk. Get Started



Five Questions You Need Answers To


1. I see the huge data breaches in the news. So cyber attacks only happen to big companies, right?

No - many attacks and data breaches happen to small companies, organizations, and government departments. A recent large cybersecurity conference featured a full-day workshop for small governments and non-profits. It can happen to anyone.


2. There are so many bad actors out there and such a wide and growing variety of threats. Has it gotten to the point where there is really nothing that can be done to avoid a successful attack?

Well, there is a LOT that you can do to keep your business and your data - and your customer’s data - safe. No one is 100% protected, but there are definitely best practices that can be followed which greatly reduce the likelihood of a serious security incident. In fact, many steps that you can take are very economical, and are sometimes referred to as the “low hanging fruit”. And with additional resources, there are many technical, procedural, and user-focused measures you can apply to create additional layers of protection.


3. Will developing defensive policies and testing our security disrupt our daily operations?

It should not be allowed to disrupt normal business functions. Yes, if you authorize active - rather than passive - probing, testing and scanning on live data, during business hours, using improper tools, there may be disruption. To avoid this we make smart choices and utilize safe practices to avoid damage, disruption, and confusion. And we also agree on a detailed plan ahead of time.


4. But this is really just an IT problem, right? Aren't they paid to protect our data and systems?

Information Technology teams are certainly involved in protecting assets like computers and sensitive data. However, good data security is everyone's responsibility, from top management down to every employee or contractor. Targeted user education, best practices, and common-sense planning can help create a "culture of security" that is the foundation for good data protection. It all starts with a customized, comprehensive Data Security Policy document.


5. After we engage in a one-time cybersecurity project, then can we get back to business-as-usual?

Almost all modern companies, departments, and organizations rely on connected technology to help them perform their mission. And with the growing threat landscape that changes every year, vigilance and revising plans and policies are an ongoing priority. There will never be a day when we can stop paying attention to the cybersecurity responsibility we all carry. There may be additional effort and resources deployed to create initial plans and guidelines, but recurring training, planning, and vulnerability testing are here to stay.



Scenarios that May Sound Familiar

There are many steps you can take to defend yourself from ransomware, and to lesson the impact if it does happen. Let's create an Incident Response Plan to be ready.
You may not realize this attack has happened, since everything seems normal. Let's prepare for this threat with a few simple steps.
Now would be a good time to schedule some user Security Awareness Training (SAT) which will create safer habits and better cyber hygeine. It's a great risk management tool.