Melissa Krasnow | May 1, 2014
In February 2014, the California Attorney General, in collaboration with the California Chamber of Commerce and the mobile security company Lookout, issued a guide titled "Cybersecurity in the Golden State" with recommendations for California businesses (especially small to midsize businesses) on managing cyber security risks. Businesses elsewhere also should review and consider this guidance and these recommendations.
These recommendations are not regulations, mandates, or legal opinions. They provide a brief and incomplete summary of several best practices that help manage the risks posed by cyber security threats facing small businesses and a response plan for a cyber incident.
Following is a 25-item checklist summary of these practical recommendations for businesses on managing cyber security risks.
Businesses also are encouraged to review the "National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity," a voluntary risk-based set of industry standards and best practices for organizations to use in managing cyber security risks that was issued in February 2014, as well as the payment card industry data security standards in the case of businesses with credit card payment information.
Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. Expert Commentary articles and other IRMI Online content do not purport to provide legal, accounting, or other professional advice or opinion. If such advice is needed, consult with your attorney, accountant, or other qualified adviser.