This Handbook was written with a simple goal in mind: to help your organization develop an understandable and implementable cybersecurity plan. A well-crafted and updated organizational security plan can both keep you safe and make you more effective by providing the peace of mind needed to focus on your organization’s important day-to-day work. If you have not yet, take a moment to read the introduction to the Handbook to learn about security plans and why your organization should have one.
While every organization’s security plan will look a little bit different based upon its risk assessment and organizational dynamics, certain core concepts are nearly universal.
This Handbook addresses these essential concepts in a way that will help your organization build a concrete security plan based upon practical solutions and real-world applications.
This Handbook endeavors to provide options and suggestions that are free or very low cost. Keep in mind that the most significant cost associated with implementing an effective security plan will be the time you and your organization need to talk about, learn, and implement your new plan. Given the risks your organization is likely to face, though, this investment will be more than worth it.
In each section, you will find an explanation of a key topic that your organization and its staff should be aware of - what it is and why it is important. Each topic is paired with essential strategies, approaches, and recommended tools to limit your risk and tips and links to additional resources that can help you implement such recommendations across your organization.
Security Plan Starter Kit
To help your organization process the Handbook’s lessons and turn them into a real plan, make use of this starter kit. You can either print out the kit or fill it in digitally while you read the Handbook online. As you take notes and begin to update or craft your security plan, be sure to reference the “Security Plan Building Blocks” detailed in each section. No security plan is complete without, at minimum, addressing these essential elements.