1. Identify
Identify and control who has access to your business information. Conduct background checks. Require individual use accounts for each employee. Create policies and procedures for cybersecurity.

2. Protect
Limit employee access to data and information. Install Surge Protectors and Uninterruptible Power Supplies (UPS). Patch operating systems and applications routinely. Install and activities software and hardware firewalls on all your business networks. Secure your wireless access point and networks. Set up web and email filters. Use encryption for sensitive business information. Dispose of old computers and media safely. Train your employees.

3. Detect
Install and update anti-virus, anti-spyware, and other anti-malware programs. Maintain and monitor logs.

4. Respond
Develop a plan for disasters and information security incidents.

5. Recover
Make full backups of important business data and information. Continue to schedule incremental backups. Make improvements to process/procedures/technologies.