How to mitigate a cyber attack

Small businesses have become more vulnerable to cybercrime than large corporations in recent years and are reportedly attacked more than 7 million times per year, costing the UK economy an estimated £5.26 billion.

How do you know if your business is safe?

The NIST Cybersecurity Framework is a risk-based compilation of guidelines, designed to help a business assess current capabilities and draft a prioritised roadmap towards improved cybersecurity practices.

The framework focuses on collaboration to share information and advance security within businesses. This is based on findings which suggest that over 82% of companies with high-performing security practices collaborate with others to achieve their goals.

NIST Cybersecurity Framework

The framework is made up of several tiers which will ultimately improve risk-based security in your business environment.

1) Plan - When planning for a cyber attack, you must outline the following:

  • Your objective, along with which services you will need to maintain in order to achieve it.
  • Which part of your business you want to protect.
  • Your number one priority.

2) Defend - What exactly do you want to defend? This may be your sensitive data, reputation, brand, etc. You should analyse all of your vulnerabilities, whether they concern users, third parties or old systems with weaker security. Once you have set up your defences, make sure that they are sufficient and will prevent any cyber attacks against your business.

3) Detect - Use continuous monitoring to provide proactive, real-time alerts of cybersecurity-related events and potential threats. This will capture the relevant data, which will help you to diagnose the problem and analyse the capabilities. Ask your IT contact to analyse this data, because it is crucial that you are monitoring your whole system.

4) Respond - Your business must have an escalation process in place which covers the following:

  • How activities and decisions are managed.
  • A response plan which is flexible enough to be applied to multiple cyber attacks.
  • How to respond to customers and on which platforms.
  • How to report your updates, i.e. on a daily or hourly basis.
  • Communication to internal staff, partners, the media, legal, enforcement and regulators.

Along with the above, you must have confidence in your activity and know exactly how you are being attacked and where your security measures have been breached.

This will require some technical capabilities, and if these are lacking within your business there are many third parties who can offer external assistance.

Best practice is for businesses to have an emergency change process which will indicate how your business will be able to continue to run.

5) Recover - You must test, remediate, test again and configure go-live checklists to ensure improved monitoring and defence to prevent any future attacks.

This is a robust plan, and if implementing this change in your business is out of your technical comfort zone, as mentioned, you may be interested in using a third party to help and assist with technical expertise and advice. It could prove to be a more cost-effective and time-saving option for your business and will give you peace of mind that you are protected from cybercrime in the future.
