Taking your business online comes with many rewards, such as greater reach, rising profits and efficiency gains. But it also comes with risks.
Here are five steps to performing a cyber security risk assessment so you can ensure your business is prepared to get online.
- List your important systems and whether they're inside or outside your organisation. Note the kind of data they hold.
- Identify threats. Consider how valuable your data is and how easily your systems could be attacked, especially if they're online.
- Evaluate the risks. Think about what could go wrong with your data or systems – like if they're no longer private, correct, or available.
- Understand the impact. Figure out how each risk might affect your business, such as operationally, reputationally, financially or technically. Rate them as low, medium or high impact.
- Take action. Implement measures to reduce, transfer or accept risks. Share your plan with your team, and create a response plan for incidents. Regularly review your risk assessment as things change.
Source: Digital Boost. For more information, including a short video on this topic, see www.digitalboost.business.govt.nz