You’re NOT too small to be bothered by cyber criminals. Some are using you for practice before bigger targets and others are driven by quantity. The statistics back this up: 70% of businesses were victims of ransomware in 2022 (half of them were small businesses), and there were 255 million phishing attacks and 2.8 BILLION malware attacks in just the first half of 2022. Surveys also suggest that 70% of small businesses are unprepared to deal with an attack. Relying on luck won’t protect your business from a cyber attack.
The NIST Cybersecurity Framework can help you understand how and where to implement tools and practices to improve your security posture. The framework is organized by five key functions: Identify, Protect, Detect, Respond, and Recover. When used together, they provide a comprehensive strategy for managing cybersecurity risk over time.
Identify: Develop an understanding to manage cybersecurity risk to systems, assets, data, and capabilities. This is really your risk management planning phase and includes identifying critical enterprise processes and assets (what MUST continue to operate to keep your business viable), documenting information you collect and how you store and use it, keeping an updated hardware and software inventory, establishing a cybersecurity policy with roles and responsibilities, and identifying vulnerabilities and asset risks.
Protect: Develop and implement the appropriate safeguards to ensure delivery of services. This is your proactive defense phase, where you engage everyone in your organization to help avoid an attack. Start with managing access to assets and information so that users only have access to what they must have to do their jobs, and enable multi-factor authentication. If you store or transmit sensitive data, make sure it is protected by encryption, and securely delete and/or destroy data when it is no longer needed or required for compliance. Implement regular backups, keeping one frequently backed up set of data offline to protect it against ransomware. Protect your devices with host-based firewalls and endpoint security products, and reduce device vulnerabilities by promptly updating both the operating system and the applications installed on your devices. Implement and require regular security awareness training for your users.
Detect: Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event. An attack can still be attempted with preventative measures in place. Bad actors are highly motivated to adapt and develop new attack methods, and overwhelmed users can make mistakes. Implement and test processes and procedures for detecting unauthorized entities and actions on your networks and within your environments. Maintain and monitor logs of your enterprise computers and applications. Know what your expected data behaviors are so you can quickly identify when an unexpected data flow occurs.
Respond: Develop and implement the appropriate activities to take action regarding a detected cybersecurity event. If a cyber attack has been detected, your organization must work quickly and thoroughly to understand the complete impact. Prepare by testing response plans and ensuring each person understands the plan and has the resources needed to execute it. Testing will help identify gaps and give you the opportunity to make critical improvements. Make sure to coordinate with internal and external stakeholders, including partners, oversight bodies, and customers.
Recover: Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event. In addition to recovery functions for your infrastructure, you must effectively communicate. Your recovery plan should identify a point person for information release to ensure a single source of truth that is accurate, complete, and timely for key stakeholders and the public.
If you are not confident that each of these steps has been implemented in your business, it’s time to get help. Start with a free cybersecurity self-assessment. Next, we will reach out for a brief discovery call where we can review your current structure and let you know how we can help you align your cybersecurity strategy with the NIST framework.