Dealing with cybersecurity is on nobody’s fun list.
While there are a ton of moving parts that affect nearly all aspects of your business in a thorough cybersecurity plan, it is much easier than you may think to protect your business. I know this as a business owner, not just a technologist because Waident has done it ourselves.
Several years ago, we aligned all our policies and procedures with the National Institute of Standards and Technology (NIST) cybersecurity standard framework. The framework is based on industry-leading standards, guidelines, and best practices for organizations to better manage and reduce cybersecurity risk. We love the framework because it is the industry’s most up-to-date approach and enables us to keep Waident—and our clients secure, compliant, and resilient.
The NIST model includes five high-level security functions:
- Identify
- Protect
- Detect
- Respond
- Recover
These categories cover the breadth of organizational cybersecurity objectives and represent the pillars of a successful and holistic cybersecurity program. The functions help us categorize our risk management efforts and inform management decisions about business/protection tradeoffs. In addition to helping us manage and reduce risks, the framework fosters communication among internal and external stakeholders (clients, insurers, regulators, et al) and gives us a way to talk about cyber risk in a business context.
When onboarding new support clients, we do a thorough risk assessment using the NIST Framework. The assessment helps us create a unique security risk overview for each client’s operations and determine how to strengthen it.
Because we believe that cyber-security is so important, we are making a user-friendly assessment tool available to non-clients. You can DOWNLOAD the tool and evaluate yourself. The tool takes about 10 minutes to complete and can save you a lot of time, money, and reputational risk.
If you cannot fill it out on your own, talk to your IT department. The point of the exercise is to raise questions and be honest with yourself about your current approach and risks.
If you’d like help completing it, please reach out to us. We’re happy to help walk through it with you.
Be safe.
DOWNLOAD the Cyber-Risk evaluation tool.