Founded in 1901, the National Institute of Standards and Technology (NIST), is a branch of the US Department of Commerce that measures and provides standards for various areas of science and technology. Among IT professionals, NIST is known for its Cybersecurity Framework, which “consists of standards, guidelines, and best practices to manage cybersecurity-related risk.” The framework has been adopted by numerous organizations since it was first instituted in 2012, and has helped organizations understand and avoid various cyber-security threats.
In August, NIST achieved a new victory: its Small Business Cybersecurity Act was signed into law. This law requires that the director of NIST “issue guidance and a consistent set of resources to help SMBs identify, assess and reduce their cybersecurity risks.” Among other goals, this initiative is designed to assist small businesses in creating a “workplace cybersecurity culture.” In general, the law provides an excellent starting point for increased awareness of and visibility into cyber threats and prevention. And it’s crucially important for small businesses, who tend to have less infrastructure and fewer resources to devote to security awareness initiatives.
One of GLS’ main focuses in 2018 has been to ensure that small and medium-sized businesses are not overlooked when it comes to cyber security. We strive to ensure that our solutions and services are scalable and easily implemented by all companies, regardless of their size. Smaller businesses are easy targets for cyber crime, like phishing, password hacks, or system breaches. And the results can be even more devastating to small businesses than they are for large ones. As a result, GLS takes our responsibility to help small businesses stay secure very seriously, and we’re excited to see that NIST does as well.
Are you a small business owner or administrator who’s still trying to figure out what security awareness means for your employees, or what steps you can take to protect your organization? There’s no better place to start than with training. Keeping employees aware of and able to deal with threats is half the battle, and it’s an easy first step as you work toward a cyber-aware organization. Visit us to learn more about how our training can help meet your needs.