National Small Business Week, Day 4

Standard

Following up on yesterday’s post about National Small Business Week, Day 3, Cybersecurity-Respondtoday is Day 4 and the cybersecurity theme for today is Respond.

Respond is the fourth pillar of the NIST Cybersecurity Framework.  Respond is about how you respond to a cybersecurity event once you know it has taken place.

There are some excellent resourced linked on the Respond page.  Many will help you draft an appropriate response plan for your business.  Some of the key elements of a response plan are:

  • Communication plan for both internal and external audiences.
  • Isolating the impacted systems and analyzing the impact of the event.
  • Restoring impacted data.
  • Verifying if you have a reportable event.
  • Reporting the event to the appropriate authorities.

This is by no means an all emcompassing list, so consult the resources mentioned above and build a plan that is right for your business.

The five pillars of the Cybersecurity Framework are 1. Identify, 2. Protect, 3. Detect, 4. Respond and 5. Recover.  As we move through National Small Business Week, I will continue to highlight one area each day.  Yesterday was Detect, today is Respond and the final will be Recover and that will be tomorrow.

As you review each of these elements, do an honest assessment of how well your business covers each area.  This Framework is essential to estabilshing good cybersecurity best practices in your business.  If you have cyber risk insurance, your insurance carrier may start asking you to verify what you are doing to address each of these areas.  This will have an impact on your premium for coverage as well as what cyber events your insurance will actually cover, should you ever need to make a claim.  The NIST Cybersecurity Framework is the defacto standard for maintaining a proper cybersecurity stance for your business.  Take time to educate yourself and your teams.