The Importance of Cybersecurity Policies

Advisor Perspectives welcomes guest contributions. The views presented here do not necessarily represent those of Advisor Perspectives.

According to a February 2018 report from the White House Council of Economic Advisors, the U.S. economy suffered between $57 billion and $109 billion in losses due to cyberattacks in 2016. Constantly evolving threats endanger institutions and individuals alike. These threats require consistent monitoring to mitigate the risk.

Responding to the evolving cyber threat

My firm implemented a robust IT governance program that uses the National Institute of Standards and Technology(NIST) cybersecurity model as part of its risk-management framework. This framework monitors the following key areas of IT risks:

1. Network security both at the edge boundary (firewall rules and intrusion detection) and internal assets management (vulnerability scanning, patch management and virus protection);

2. User access management for entitlement (privileges) to access and use Summit Trail information;

3. Third-party security review and Service Level Monitoring;

4. Incident management of cyber security events;

5. Business continuity and disaster recovery;