Information Technology is a part of our everyday lives, in our homes, our workplaces and now in our places of worship. With so many ways to use technology and so many options in the marketplace, implementing an effective, efficient, and secure technology strategy can seem overwhelming. Moreover, as schools and parishes come together to form communities, each will bring with them their own IT infrastructure, comprised of a variety of tools, vendors and service providers for hardware, networking, internet, communication, and office applications, among others. The resources at the Chancery will help you make sense of your current technology landscape and explore ways to improve and enhance, as well as simplify it.
 

Cyber Liability Insurance and Cybersecurity Assessment

Cybersecurity is the practice of protecting one’s computers, networks, applications and data from unauthorized access, use and/or modification. In today’s environment, cybersecurity is evolving in both complexity and necessity. Cyber liability insurance protects entities from loss and/or liability that may arise in the event of a cybersecurity incident.

However, as achieving a state of cybersecurity becomes more difficult, obtaining cyber liability insurance does as well. Obtaining cyber liability insurance is expensive and requires entities to comply with a long list of requirements, sometimes requiring a costly investment in cybersecurity practices and tools.

This assessment will help us to evaluate your parish’s current cybersecurity state and analyze the information that will help the organization obtain cyber liability insurance coverage.
 

Solutions

Throughout our Diocese, the goal is to assist each parish in analyzing their current state within the IT infrastructure’s common areas (e.g., network, communication, etc.). Once the current state of all parishes and organizations is identified, the team at the Diocese will perform a high-level comparison in these areas across the Diocese and suggest the resources that make the most sense to be deployed. By learning of the technology landscape, your Parish or organization will benefit from greater operational efficiency, reduced maintenance, and lower costs.

• Multi-Factor Authentication (MFA) is implemented for all remote access to internal systems and cloud services that provide critical services or host sensitive information.
• Endpoint Detection and Response (EDR) software is installed on all supported endpoints and cloud workloads.
• Current backups are stored offline and have been tested to confirm their viability in fully restoring systems and data.
• Sensitive data is stored in secure and compliant cloud location
• Critical vulnerabilities are patched, with priority given to public-facing systems and applications.
• Public-facing web applications are protected by a web application firewall.
• Internal networks are appropriately segmented to contain an attack or malware to a subset of systems and to prevent its widespread propagation.
• All end-of-life systems and applications are decommissioned and powered off.
• The Principle of Least Privilege is applied such that permissions for a given user account or process is restricted to only those privileges which are essential to perform their intended function.
• Incident response plans within the organization have been updated and a crisis communications contact list includes current emergency contact information for all appropriate personnel.
• Disaster Recovery and Continuity of Operations Plans are current and can be implemented in the event of a loss of services.