The digital age enables us to transcend time and space – anytime, anywhere. However, digital communication still calls for caution. Cyber-attacks are becoming increasingly common and sophisticated. Protection against such attacks should be of highest priority for any company. Use the following checklist to protect yourself from cyber risks.
Have you appointed someone to be responsible for your IT security? (internal or external)
Have you implemented an authorization management system? (e.g., IT admin rights should only be granted very selectively and HR should not have access to a company's finances)
Have you defined and implemented password guidelines?
Are employees regularly updated on cyber risks (e.g., security training)?
Is a data backed up daily? Is back-up quality regularly checked? Is back-up stored in such a way that it cannot be destroyed, damaged, or changed with the original files (e.g., offline back-ups or unchangeable back-ups in clouds)?
Are your networks segmented? (At least the separation of IT and OT (machine control) is essential nowadays).
Are technical protective measures up to date? (including firewalls, virus scanners, spam filters, access protection, network encryption, authenticated remote access (e.g., VPN))?
Have you defined patch and update management to ensure that up-to-date patches/security updates are installed on the respective software/systems in a timely manner?
Have you taken security measures to ensure that only authorized personnel have access to servers? (e.g., locked cupboard/room)
Do you comply with the data protection regulations on your website? (e.g. concerning cookies)
