Como criar um plano de segurança cibernética organizacional

This handbook was prepared with one simple goal in mind: to help your organization develop an understandable and implementable cybersecurity plan. A well-crafted and up-to-date organizational security plan reinforces an organization's safety and effectiveness, providing the peace of mind employees need to focus on the important daily work they need to do. If you haven't already, take a moment to read the introduction to the Handbook to learn more about security plans and why your organization needs to have one.

read the introduction


While every organization's security plan will look slightly different based on their risk assessment and organizational dynamics, certain basic concepts are nearly universal.

This handbook addresses these essential concepts in a way that helps your organization create a concrete security plan based on practical solutions and real-world applications.

The manual seeks to offer free or very low cost options and suggestions. Remember, the most significant cost associated with implementing an effective security plan will be the time you and your organization need to talk, learn, and implement your new plan. However, considering the risks your organization is likely to face, this investment will be well worth it.

In each section, you'll find an explanation of a key topic that your organization and your team should know about: what it is and why it matters. Each topic is paired with recommended strategies, approaches, and tools that are essential for limiting your risk, as well as tips and links to additional resources that can help you implement these recommendations in your organization.

Basic security plan kit

Get the Starter Kit!

To help your organization process the manual's lessons and turn them into a real plan, use this starter kit. You can print the kit or fill it out digitally while reading the online manual. As you take notes and begin to update or build your security plan, be sure to refer to the “Basic Components of the Security Plan” detailed in each section. No security plan is complete without, at a minimum, addressing these essential elements.


The main topics are


Aproveite outros recursos que também podem ajudá-lo a criar e implementar seu plano. Como uma organização da sociedade civil, o aplicativo gratuito SOAP (Securing Organizations with Automated Policymaking) pode ajudar a simplificar e automatizar a criação do seu plano de segurança. Também faça uso de recursos de treinamento gratuitos, como o Planejador de segurança da Consumer Reports, o aplicativo Umbrella da Security First, o Projeto Totem da Free Press Unlimited e Greenhost, e o Kit de ferramentas de segurança cibernética para organizações com uma missão social da Global Cyber Alliance, que abrangem recursos em muitas das práticas recomendadas mencionadas neste manual e links que direcionam a dezenas de ferramentas de treinamento para ajudá-lo a implementar inúmeros princípios básicos.