Difference between revisions of "User:Shawndouglas/sandbox/sublevel3"

From LIMSWiki
Jump to navigationJump to search
Line 1: Line 1:
At this point, you've probably already touched upon who's most interested or concerned about how cybersecurity is implemented within your organization. The first two steps of the plan call for defining cybersecurity goals, success, scope, and responsibilities. By extension, internal leadership with a significant stake in cybersecurity success has thus been identified. Additionally, the employees of an organization play an important role in developing or applying policies and procedures that come from your cybersecurity plan. You may have identified even more internal interests in seeing the plan succeed as well. Be sure at this point those stakeholders have been clearly identified. Also ensure their roles and responsibilities are clearly outlined and disseminated to the appropriate people, which further facilitates improved internal processes, communication, accountability, and preparedness.<ref name="NARUCCyber18">{{cite web |url=https://pubs.naruc.org/pub/8C1D5CDD-A2C8-DA11-6DF8-FCC89B5A3204 |format=PDF |title=Cybersecurity Strategy Development Guide |author=Cadmus Group, LLC |publisher=National Association of Regulatory Utility Commissioners |date=30 October 2018 |accessdate=23 July 2020}}</ref><ref name="LebanidzeGuide11">{{cite web |url=https://www.cooperative.com/programs-services/bts/documents/guide-cybersecurity-mitigation-plan.pdf |format=PDF |title=Guide to Developing a Cyber Security and Risk Mitigation Plan |author=Lebanidze, E. |publisher=National Rural Electric Cooperative Association, Cooperative Research Network |date=2011 |accessdate=23 July 2020}}</ref>
You've also managed to identify what regulations affect your organization's operations, as well as who would be most affected by cybersecurity incidents. This and other areas are where you turn to identify your external stakeholders. While the identities of internal stakeholders are fairly easy to discern, determining external stakeholders can be a bit more challenging, and it will vary slightly depending on the nature of your business. A forensic science laboratory, for example, will have to consider the likes of federal agencies as stakeholders for reporting and accountability of sensitive data, whereas a public library addressing cybersecurity would have quite different external stakeholders. Be sure to look beyond government to software and equipment vendors, customers, and investors.
 
==References==
{{Reflist|colwidth=30em}}

Revision as of 16:37, 16 February 2022

You've also managed to identify what regulations affect your organization's operations, as well as who would be most affected by cybersecurity incidents. This and other areas are where you turn to identify your external stakeholders. While the identities of internal stakeholders are fairly easy to discern, determining external stakeholders can be a bit more challenging, and it will vary slightly depending on the nature of your business. A forensic science laboratory, for example, will have to consider the likes of federal agencies as stakeholders for reporting and accountability of sensitive data, whereas a public library addressing cybersecurity would have quite different external stakeholders. Be sure to look beyond government to software and equipment vendors, customers, and investors.