John Rizzuto Photography Destination photography tours and workshops
Cybersecurity Business Risk Assessment

Cybersecurity Business Risk Assessment

Cybersecurity business risks assessments for photography businesses.

Select Option #1 or Option #2 from the dropdown menu to the right.

Any photographer who offers goods (prints, posters, etc.), services (portraits, wedding photography, event photography, training, tours, etc.), or stores their intellectual property (digital files – e.g. photos) on the internet is at risk from certain types of cybersecurity incidents.  Where risk exists, so does financial liability and reputational damage.  You need to understand which cybersecurity risks can impact your photography business and how to lower these risks by implementing certain controls and by performing an acceptable level of cybersecurity due diligence on the service providers that you use.

I offer two types of cybersecurity risk assessments for photographers.  Both types of assessments come with detailed reports and strategies on how to address cybersecurity risks and financial liability specific to your business model.  All of the deliverables are tailored your specific business model and the unique cybersecurity challenges that you face.  Click here to read more about cybersecurity risks that photographers face on my blog.

Option #1

1. Cybersecurity business risk assessment report to include:

  • What are your key assets that need to be protected?
  • What are your legal requirements pertaining to privacy, safeguarding information, and sending out commercial electronic messages for advertising or marketing?
  • What are the greatest cybersecurity risks that your business faces?
  • Who are you adversaries?
  • What tactics will they use against you?
2.  How to reduce the specific risks identified in the cybersecurity business risk assessment report
3.  Security best practices that should be implemented for securely transmitting and storing confidential and personally identifiable information.

Option #2

1.  All of the items described in Option #1.
2.  Service Provider Oversight analysis - I will review which service providers you use for web business and provide insights on how well their security practices are.  Note:  this is dependant upon how transparent they are what security information they make available.
3.  Security scan of your web site(s) - not social media sites - to identify potential security issues such as the presence of malware and other potential web site vulnerabilities you should be aware of.
4.  Development of disclaimers and privacy policies applicable to your specific business model -  if applicable