Know the Watchdogs: Public Resources Cyber-Securing Our Nation
Technology professionals are aware of government based?CISA?(The Cybersecurity and Infrastructure Security Agency) and of non-profit industry expert CIS (Center for Internet Security) known for its (18) “Critical Internet Security Controls”.?It’s equally important that all U.S. citizens, not just ‘techies’, know where to turn for useful information about being cyber-secure.?Here’s a quick review of these organizations’ mission statements, how they operate, and their tangible contributions to thwarting the impact of cyber-breach on data security, business operations, and critical infrastructure:
“The?Cybersecurity and Infrastructure Security Agency?(CISA) leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. We connect our stakeholders in industry and government to each other and to resources, analyses, and tools to help them build their own cyber, communications, and physical security and resilience, in turn helping to ensure a secure and resilient infrastructure for the American people.”
CISA is a United States federal agency, an operational component under Department of Homeland Security.
“The?Center for Internet Security’s (CIS) mission is to make the connected world a safer place by developing, validating, and promoting timely best practice solutions* that help people, businesses, and governments protect themselves against pervasive cyber threats.”
CIS is a 501 (c)(3) nonprofit organization (founded 2020) whose members comprise large corporations, government agencies, and academies.
*”CIS employs a closed crowdsourcing model to identify and refine effective security measures. Individuals develop recommendations that are shared with the community for evaluation through a consensus decision-making process. At the national and international level, CIS plays an important role in forming security policies and decisions by maintaining the CIS Controls and CIS Benchmarks and hosting the?Multi-State Information Sharing and Analysis Center (MS-ISAC)?and the?Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).”
Two initiatives I found particularly smart – one each from these organizations – encourage proactivity surrounding our nation’s critical internet-/infrastructure, and public demand to a more impenetrable election process:
Initiative 1:
CISA’s website has a new catalog to inform private and public sectors of cyber-impacts to be prepared for.
“CISA is developing a catalog of?Bad?Practices?that are exceptionally risky, especially in organizations supporting Critical Infrastructure of NCF (National Critical Functions).”?Several of the catalog entries show concern for public health and safety such as life-threatening breaches to end-of-life software, and economic ruin that can accompany misuse of passwords and credentials.?This catalog is a dynamic work in progress, with CISA accepting new entries from all sectors and regularly updating and consolidating the list.
Initiative 2:
“The CIS Center for Internet Security has developed the?Essential Guide to Election Security?to serve as a first-stop resource for election officials to learn about best practices in election security. This can aid the process of building a program designed to meet the individual needs and abilities of any given election office.”
All U.S. citizens and employees should learn of the resources available to them and how they can keep eyes open to safeguard information assets and critical infrastructure.?Organizations like CISA and CIS strive to be responsive in addressing a changing set of security demands to individuals and businesses.?Corporate leaders and their personnel should provide accurate reports of cyber-incidents they experience and to lead the security awareness trend that will protect the freedoms our nation enjoys!
Start today! Reserve your slot now for the live webinar?“Don’t Be An Easy Target” hosted by?Data-Guard365
?
By Pamla Davitt
Data-Guard 365?is a MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide invincible cyber security for a price point that pays for itself.
www.Data-Guard365.com?/ (317) 967-6767 /?[email protected]