Como criar um plano de segurança cibernética organizacional

This Handbook was written with one simple goal in mind: to help your political party develop an understandable and implementable cybersecurity plan. A well-crafted and up-to-date organizational security plan can keep you safe and make you more effective, giving you the peace of mind you need to focus on your organization's important day-to-day work. If you haven't already, take a moment to read the Handbook introduction to learn more about security plans and why your organization should have one.

read the introduction
 

While every organization's security plan will look slightly different based on their risk assessment and organizational dynamics, certain basic concepts are nearly universal.

This handbook addresses these essential concepts in a way that helps your organization create a concrete security plan based on practical solutions and real-world applications.

The manual seeks to offer free or very low cost options and suggestions. Remember, the most significant cost associated with implementing an effective security plan will be the time you and your organization need to talk, learn, and implement your new plan. However, considering the risks your organization is likely to face, this investment will be well worth it.

In each section, you'll find an explanation of a key topic that your organization and your team should know about: what it is and why it matters. Each topic is paired with recommended strategies, approaches, and tools that are essential for limiting your risk, as well as tips and links to additional resources that can help you implement these recommendations in your organization.

Basic security plan kit

Get the Starter Kit!

To help your organization process the manual's lessons and turn them into a real plan, use this starter kit. You can print the kit or fill it out digitally while reading the online manual. As you take notes and begin to update or build your security plan, be sure to refer to the “Basic Components of the Security Plan” detailed in each section. No security plan is complete without, at a minimum, addressing these essential elements.

 

The main topics are

 

1

Building a Culture of Security

Desenvolvimento de uma cultura
de segurança

2

A strong foundation

Uma base forte: Como proteger
contas e dispositivos

3

Communicating and Storing Data Securely

Comunicação e armazenamento
de dados com segurança

4

Staying Safe on the Internet

Como estar seguro
na Internet

5

Protecting Physical Security

Proteção da
segurança física

6

When Things Go Wrong

O que fazer diante
de imprevistos

 

Aproveite os recursos de treinamento gratuitos, como Planejador de segurança da Consumer Reports, o aplicativo Umbrella da Security First, o Projeto Totem da Free Press Unlimited e Greenhost, além do Kit de ferramentas de segurança cibernética para organizações com uma missão social da Global Cyber Alliance. Embora esses recursos sejam divulgados mais para organizações e ativistas da sociedade civil do que para partidos políticos, o conteúdo técnico é extremamente valioso. Esses sites abrangem recursos sobre muitas das melhores práticas mencionadas neste manual, incluindo links para dezenas de ferramentas de treinamento que visam ajudá-lo a implementar muitos dos princípios básicos.