Data Loss Prevention.
It is extremely pleasing to see the Australian Government working hard on helping organisations with their overall Information Security Management.
Home | Cyber.gov.au is an excellent website to bookmark.
With the information constantly being updated on this site, I worry that organisations are falling farther behind, because Information Security Management still does not make its way into the overall Risk Managment Strategy.
As organisations, we seem to have implemented Work Health and Safety so very well, so how do we start getting the same uptake on Information Security Management?
Some suggested steps.
Elevate, across the entire organisation, the words being used;
instead of the more technical word(s); cybersecurity, firewalls, application control -> think instead of the overall Information Security Management, ie The Owners or Board MUST manage the security of ALL information!
Start picking some risk areas to understand;
I find this is an excellent first step in understanding “does my business actually have client’s personal data?“ and “how do I start securing that information“ -> Securing Customer Personal Data for Small to Medium Businesses | Cyber.gov.au
Share that information and understandings across the entire organisation. The IT team might know this inside and out, BUT most likely the language is far too complex. Speak in non IT language, Speak in business language.
SEEK UNDERSTANDING TO STAY COMPLIANT!
Summary
Some of those actions can be carried out by yourself, some ideally will be done in partnership with a Trusted Technology Solutions Provider.
Links
List of our Professional Services | Strategy & Goverance | Compago Technologies