Take a deep breath… Your organization has survived the shift to Work From Home (WFH), your team did a good job implementing your Business Continuity Plan, and you are starting to think about what the ‘new normal’ actually looks like for your association.
As you contemplate the next steps, information security should be top of mind. Why? Because recent events are challenging our assumptions about where and how to protect the confidentiality, integrity, and accessibility of information assets.
It is easy to think of data as something we can store in a safe location, build a fence around, and post a guard at the gate to keep out the bad guys. Cloud computing, software-as-a-service, and remote work have redefined where data is stored, who guards it, and where boundaries do or don’t exist.
The actors have also changed. Our perceptions about hackers are often driven by cartoonish and oversimplified caricatures of lone actors locked in dark rooms in distant locations. Nothing could be farther from the truth. The hacking ecosystem has evolved from the lone actor to cottage industry to fully operational online marketplaces on the Dark Web.
It is also inaccurate to think of information security as solely driven by the potential for financial gain. Yes, much of hacking activity is targeted at emptying your bank account, but there are other existential threats in cyberspace. Cyber threat motivations run the gamut from political to social to economic.
COVID-19 did not start this conversation, but it does amplify the need for thoughtful planning, policy development, and education about information security management throughout your organization.7 Considerations for Information Security
Here are some things you should put on the ‘re-entry radar’ as you define the new normal of information security for associations:
Check out our free ebook The Ultimate Guide to Cybersecurity for Associations to learn the ins and outs of how to implement a rational information security plan today to keep your organization and member data safe.