We've spent the last 3 weeks breaking down the formula in significant detail: using industry standards, protect your technology, protect your data, and protect your people. That will get you to about 97% secure. But... what about that last 3%? What if you do everything right and STILL get attacked? How do you survive a full-blown cyber incident?
Today we interview the great Robert Cioffi and learn exactly what he did when everyone's worst business nightmare came knocking on his door.
My #1 key takeaway: CULTURE. Retreat to your war room and dig deep on your company core values. Who are you as an organization? Let that be your #1 guide when rubber hits the road.
Takeaway #2: community. "No matter how brilliant you are, there’s always something to learn." Get involved in your local community and your industry's community.
Takeaway #3: “You really need to be following some sort of framework”. This is what we talk about week after week when we suggest following industry standards and best practices. There are dozens of frameworks out there. Some are required by government regulation (PCI, HIPAA, NIST, CMMC, etc.). Others, like CIS, are designed to be self-regulated. Follow the ones that best suit your business model.