Prime Day

Como cliente Amazon Prime obtén 3 meses de Audible gratis

Diseño de la portada del título Cybersecurity Program Best Practices

Cybersecurity Program Best Practices

Muestra

Escúchalo ahora gratis con tu suscripción a Audible

Prueba gratis durante 30 días
Después de los 30 días, 9,99 €/mes. Cancela tu siguiente plan mensual cuando quieras.
Disfruta de forma ilimitada de este título y de una colección con 90.000 más.
Escucha cuando y donde quieras, incluso sin conexión.
Sin compromiso. Cancela tu siguiente plan mensual cuando quieras.

Cybersecurity Program Best Practices

De: United States Department of Labor
Narrado por: Tom Brooks
Prueba gratis durante 30 días

Después de los 30 días, 9,99 €/mes. Cancela cuando quieras.

Compra ahora por 5,96 €

Compra ahora por 5,96 €

Oferta de tiempo limitado | 0,99 € al mes durante los primeros 3 meses

Obtén este título con una suscripción a Audible Premium: 0,99 € al mes durante los primeros 3 meses

Cybersecurity Program Best Practices

ERISA-covered plans often hold millions of dollars or more in assets and maintain personal data on participants, which can make them tempting targets for cyber-criminals. Responsible plan fiduciaries have an obligation to ensure proper mitigation of cybersecurity risks.

The Employee Benefits Security Administration has prepared the following best practices for use by recordkeepers and other service providers responsible for plan-related IT systems and data, and for plan fiduciaries making prudent decisions on the service providers they should hire. Plans’ service providers should:

  1. Have a formal, well-documented cybersecurity program.
  2. Conduct prudent annual risk assessments.
  3. Have a reliable, annual third-party audit of security controls.
  4. Clearly define and assign information security roles and responsibilities.
  5. Have strong access control procedures.
  6. Ensure that any assets or data stored in a cloud or managed by a third party service provider are subject to appropriate security reviews and independent security assessments.
  7. Conduct periodic cybersecurity awareness training.
  8. Implement and manage a secure system development life-cycle (SDLC) program.
  9. Have an effective business resiliency program addressing business continuity, disaster recovery, and incident response.
  10. Encrypt sensitive data, stored and in transit.
  11. Implement strong technical controls in accordance with best security practices.
  12. Appropriately respond to any past cybersecurity incidents.
©2021 Tom Brooks (P)2021 Tom Brooks
adbl_web_anon_alc_button_suppression_t1
No hay reseñas aún