In today’s digital world, cybersecurity has become more critical than ever before. Fortunately, the security community understands the value of sharing their experience and lessons learned to help individuals and businesses protect themselves.
Security Planning
Critical Security Controls (CIS IG1)
CIS’s IG1 document is a valuable resource for organizations that are looking to improve their cybersecurity posture but aren’t sure how to do it. CIS has created 3 security groups, or postures, that you can aim for. IG1 is the most basic group and is where you should start if you’re just starting to think about security.
NIST’s Cybersecurity Framework (CSF)
NIST’s Cybersecurity Framework (CSF) provides a set of guidelines, best practices, and standards that organizations can use to improve their cybersecurity posture. NIST has broken down security into 5 primary functions – identify, protect, detect, respond, and recover. NIST’s CSF is a great resource to help you understand the main components of an effective security program.
Security Incident Response
CIS Critical Security Control 17: Incident Response and Management
The Critical Security Control 17 is helpful because it provides a structured approach for organizations to manage incidents effectively and mitigate the impact of cybersecurity incidents.
NIST SP 800-62 Cybersecurity Incident Handling Guide
The NIST SP 800-61 Cybersecurity Incident Handling Guide is a comprehensive resource that provides guidelines and best practices for organizations to prepare for, detect, analyze, contain, eradicate, and recover from cybersecurity incidents.
CISA Free Resources
The Cybersecurity Infrastructure & Security Agency (CISA) is the authority on cybersecurity and is the agency responsible for securing US businesses from threat actors. CISA has many free (well you’ve already paid for them) resources that you almost certainly aren’t taking advantage of. Click here to see their full catalog of security resources for business.
Understand Cybersecurity in Under 60 Minutes.
Learn everything an executive needs to know about today’s threats, how to effectively manage your cyber risk, and 4 steps you can take today to prepare your business from what’s coming next: 2023 State of Cybersecurity | You Will Be Breached