In episode 64 of Cybersecurity Where You Are, co-host Sean Atkinson initiates a series around establishing an underlying policy for your organization's cybersecurity program. He begins by discussing how a policy provides an overview of the business rules, or standards, that will feature in the program. With each standard, he clarifies that you can take a procedural approach to upholding supporting elements. He then narrows his focus to managing data and information, including different types of data management considerations for your organization. Along the way, he points out how you can use resources from the Center for Internet Security (CIS) to drive continuous improvement in this space.

Resources

• Data Management Policy Template for CIS Control 3
• The Cost of Cyber Defense: CIS Controls IG1
• Prioritizing a Zero Trust Journey Using CIS Controls v8
• Episode 61: Overcoming Pre-Audit Scaries Through Governance
• How to Navigate the Cybersecurity Audit Cycle with CIS SecureSuite

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].