/ Ten keys for the management of cybersecurity risks

Macarena Gatica, an expert lawyer in personal data protection, prepared a list of the most important legal recommendations to protect our data, information on the Internet and web platforms.

1. Create a governance system that allows for the proper management of cybersecurity.
2. Actively involve the board of directors. Report periodically on the cybersecurity plan and the incidents that have occurred.
3. Continuously train employees.
4. Establish a regime of sanctions in case of non-compliance with regulations.
5. Identify technological assets.
6. Establish an access and profile policy.
7. Create a supplier suitability policy, establishing and setting the cybersecurity standard they must abide. Monitor critical suppliers for compliance with this standard.
8. Create an operational continuity plan and establish periodic tests.
9. Create a crisis committee, which will function in case of incidents, to coordinate the necessary steps to limit the effects of the incident, reports to the authority and third parties that could be affected.
10. Analyze the feasibility of contracting a cybersecurity policy.