In the first installation of our weekly series during National Cybersecurity Awareness Month, we examine information security plans (ISP) as part of an overall cybersecurity strategy. Regardless of the size or function of an organization, having an ISP is a critical planning and risk management tool and, depending on the business, it may be required by law. An ISP details the categories of data collected, the ways that data is processed or used, and the measures in place to protect it. An ISP should address different categories of data maintained by the organization, including employee data and customer data as well as sensitive business information like trade secrets.
Continue Reading The Importance of Information Security Plans