One of the key methods that the NIST recommends businesses do on a continual basis is focus on these five categories as you assess your cybersecurity framework. These should be done regularly, and proactively, in order to be the most effective.
The categories are broad and cover a wide array of tools that businesses can use to build a cybersecurity framework that best supports their business security needs. They are: identify, protect, detect, respond and recover.
The first step you should take is to identify who should and should not have access to your business’s privileged information, and then maintain strict physical access rules for those personnel who don’t need that access.
NIST recommends that you do not allow cleaning and maintenance staff unsupervised access to rooms that contain computers or other technology that stores sensitive information.
Further recommendations include performing extensive background checks on all prospective employees, setting systems to lock down after several minutes of inactivity and maintaining separate accounts for each user.
The second category NIST mentions is to protect, which focuses on the ability to limit or contain the effects of a cybersecurity event.
Key recommendations include: limiting access to every part of the business information and systems, utilizing surge protector and uninterruptible power supplies, assigning a specific day of the month to perform patches for all software and regularly updating the firmware and operating systems for every system in your group.
Firewalls, securing your WiFi, and training your employees on security best practices round up the extensive list in this category.
A key requirement to any cybersecurity framework is the proactive detection of a cyber event. Anti-virus, spyware or other malware programs can and should be installed on each of your systems.
NIST recommends that you install two different programs from two different vendors for maximum security. You can even take it a step further and include Remote Monitoring and Management (RMM) Services as a part of your security protocol. RMM is an even bigger added layer of security in your ability to detect threats before they cause damage to your systems.
NIST recommends business develop a plan for the immediate response needed in the event of a natural disaster, fire or other event – the same applies to cyberattacks. Businesses should develop a cyber attack response plan that includes details on the roles and responsibilities of certain employees, what to do with information systems in the event of an incident, who to call, and what constitutes a cyber event.
Furthermore, NIST recommends you do this at an employee level, letting each employee know what his or her role will be in the event of a disaster.
The last category NIST defines is recover. NIST has 4 recommendations as to a process to use to help your business recover with minimal damage should an attack occur. They are:
Make full backups of all business data monthly either on an external hard drive (stored in a different location), or online cloud storage
Make automatic incremental backups of important data, and store them in three different ways: removable media such as an external hard drive, a separate isolated server, and cloud backup and online storage from a cloud provider.
Utilize Cyber Insurance – cyber, like health, auto, or business insurance, can help your business recover both physically and financially if a cyber event were to occur.
Some cyber insurance providers even offer cybersecurity experts who can further help you identify where, what and how you are vulnerable and give suggestions on how to fix those insecurities.
Conduct regular assessments of processes, procedures and technologies and make corrections or improvements as necessary.
Cyber attacks are a real and present danger to your business, but you can mitigate the risks by following the above suggestions.