The Cybersecurity and Infrastructure Security Agency (CISA) released its “Cyber Essentials for Small Businesses and Governments” today in an effort to improve the cybersecurity posture of America’s private and public sector organizations.
“When it comes to collective defense, we are only as strong as our weakest link, which is why CISA is committed to raising the bar in cybersecurity across all companies and government, regardless of their size,” said CISA Director Christopher Krebs. “Cyber Essentials are designed for those small businesses and local governments who don’t have abundant resources – where the CEO is also the chief information officer, head of marketing and HR – who are looking for where to start. This is a set of cybersecurity practices that are easy to adopt and understand and together constitute ‘the basics.’”
CISA is a division of the Department of Homeland Security. CISA is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats. This mission requires effective coordination and collaboration among a broad spectrum of government and private sector organizations.
Each of the six Cyber Essentials includes a list of actionable items anyone can take to reduce cyber risks. These are:
- Drive cybersecurity strategy, investment and culture;
- Develop heightened level of security awareness and vigilance;
- Protect critical assets and applications;
- Ensure only those who belong on your digital workplace have access;
- Make backups and avoid loss of info critical to operations; and
- Limit damage and restore normal operations quickly.
Cyber Essentials includes two parts – guiding principles for leaders to develop a culture of security, and specific actions for leaders and their IT professionals to put that culture into action.
Developed in collaboration with small businesses and state and local governments, Cyber Essentials aims to equip smaller organizations that historically have not been a part of the national dialogue on cybersecurity with basic steps and resources to improve their cybersecurity.
Here’s the link to the Cyber Essentials for you.