H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That is, if you’re in charge of cybersecurity for a small-to-midsize enterprise (SME).

Why? Bad actors know that SMEs typically have a smaller security budget, less infosec manpower, and possibly weak or missing security controls to protect their data and infrastructure.

So, how can you prepare for the imminent onslaught from new and emerging threat groups? You need a plan.

Start with the NIST Cyber Security Framework

The good news is you don’t have to create your security strategy from scratch. The National Institute of Standards and Technology Cyber Security Framework (NIST CSF) is one of the most respected and widely used standards in the world. While originally designed for critical infrastructure industries, the NIST CSF is flexible enough for organizations of all sizes, sectors, and maturities to use in large part because the framework focuses on cybersecurity outcomes.

The only problem? The NIST CSF doesn’t provide guidance on how to achieve those outcomes.

Where the NIST CSF Falls Short

The amount of jargon and lack of actionable steps are some of the top complaints about the NIST CSF among less-resourced – yet more targeted – SMEs. NIST proposed a significant reform to its CSF, with plans to open the public comment period soon. Among the potential changes would be to “explicitly recognize CSF’s broad use to clarify its potential applications.”

Hackers, of course, won’t wait for NIST to release more actionable security guidance – and neither should you.

Use NIST’s Missing Link: The Cyber Defense Matrix

Created by cybersecurity practitioner Sounil Yu, the Cyber Defense Matrix provides practical guidance for aligning your security program with the NIST CSF.

Use this guide to see how to:

- Answer practical questions about how to apply the NIST CSF to your control environment
- Map the 5 areas of infosec management against your most targeted assets
- Know what to consider when securing each of those assets
- Identify gaps in your information security program
- Understand which controls and security tools you need to close those gaps
- See the one step the NIST CSF overlooks (but that can protect you from future, repeated attacks)

Plus, this guide provides tips for protecting your organization from the full spectrum of risk – from data breaches to denial-of-service attacks and natural disasters.

Get the Cyber Defense Matrix today so you can thwart bad actors tomorrow.

Download the guide here.