Top 12 privacy and cyber steps to take in January
As we start a new year, one that will likely be full of privacy and cyber challenges, it is helpful to think about some key action items you can take to improve your company’s cyber posture.
Here are 12 to consider for 2022 that can help reduce the impact of a cyber event.
- Think about what steps you can take to assess and review your supply chain risk.
- Review your incident response (IR) plan and make sure it addresses all current threats.
- Talk to other key privacy and cyber stakeholders to ensure lines of communication are open and escalation criteria are clear.
- Check your Securities and Exchange Commission (SEC) disclosures, if relevant for your company.
- Review your current privacy policies and disclosures for accuracy.
- Have a plan to track and deal with new legal requirements that are effective soon.
- Have a plan to stay up to speed on new threats and vulnerabilities.
- Make sure you have picked your IR vendors and have engagement documents in place.
- Re-assess your company’s risk tolerance regarding privacy and cyber to make sure it fits the current environment and has been communicated to all key stakeholders.
- Make sure business resiliency is appropriately factored into your planning.
- Assess your current risk shifting devices, including insurance, and think about whether a change in strategy is needed.
- Conduct a mini-tabletop exercise.
For more information, please contact the author of this article or your DLA Piper relationship attorney.