Paxton Media Group is being sued on how it responded to a cybersecurity breach that affected over 20,000 individuals and then they did not notify the individuals for several months. That is the Paxton Media Group’s issue where their brand is now damaged. But what will your company do when you are breached? Do you know? Where in US businesses, almost all third-party vendors that come into contact with data are not vetted, are not certified and are not properly trained, will you perform better than the Paxton Media Group? You can think poorly of the Paxton Media Group or the Colonial Pipeline company, but each year, we see businesses totally unready for a cyberattack. And in 2021 assessments, we see businesses using unvetted, non-compliant and non-certified companies in their enterprise offices and datacenters. October begins Cybersecurity Awareness Month. During that month, you can download the NIST CSF, create policies and procedures, conduct training, execute data security practices, perform verification and management monitoring. Eventually, you will create and practice two plans. A Business Continuity Plan and a Disaster Recovery Plan, so you will be ready for your breach. As you mature, your team will be better, your business will be more efficient, and your community will be safer. When a company like the Paxton Media Group is breached and does not tell those affected. How can they be trusted? Will you do better?
A mature CSF certified company like TechR2 and yours practices their BCP and DRP regularly. If you are not, you will want to partner with ISO and NIST certified TechR2 to learn.