NIST (National Institute of Science and Technology) is rolling up their sleeves and diving into comment submissions for the Cybersecurity Framework called for in the president’s cybersecurity executive order signed eight weeks ago. You can read the variety of comments submitted from private industry, individuals, government and more.
It’s no secret that the government is trailing behind enterprise in many areas of security, especially cybersecurity. But, given that there is an entire cyberwar being fought through private enterprise proxies, the rules the government is making are going to affect everyone. Don’t wait for them to be published to start your own enterprise security practices.
Here are some starter steps to use before the framework is published:
- Continuously Monitor – Watch and track your environment, find risks and abnormalities, thwart attacks and leaks.
- Use Knowledge – Create new policies based on what you notice to reduce future risk.
- Team Security – Takes steps to ensure you aren’t a weak link – security is everyone’s duty.
NIST is using information collected from these comments as a form of Step 1 and creating Step 2 in order to establish national cybersecurity policies.
Cybersecurity starts with you – it can be as simple as using a password, turning off Bluetooth, and downloading apps from an approved source. It’s not the PC era anymore and security isn’t one size fits all for mobile devices.