The Best Defense Against Cyber Threats for Lean Security Teams

1 year ago AndyC

Mar
21,
2023The
Hacker
NewsCyber
Threat
/
Cyber
Security

H0lyGh0st,
Magecart,
and
a
slew
of
state-sponsored
hacker
groups
are
diversifying
their
tactics
and
shifting
their
focus
to…

You.

Mar
21,
2023The
Hacker
NewsCyber
Threat
/
Cyber
Security

The Best Defense Against Cyber Threats for Lean Security Teams

H0lyGh0st,
Magecart,
and
a
slew
of
state-sponsored
hacker
groups
are
diversifying
their
tactics
and
shifting
their
focus
to…

You.

That
is,
if
you’re
in
charge
of
cybersecurity
for
a
small-to-midsize
enterprise
(SME).

Why?
Bad
actors
know
that
SMEs
typically
have
a
smaller
security
budget,
less
infosec
manpower,
and
possibly
weak
or
missing
security
controls
to
protect
their
data
and
infrastructure.

So,
how
can
you
prepare
for
the
imminent
onslaught
from
new
and
emerging
threat
groups?

You
need
a
plan.

Start
with
the
NIST
Cyber
Security
Framework

The
good
news
is
you
don’t
have
to
create
your
security
strategy
from
scratch.
The
National
Institute
of
Standards
and
Technology
Cyber
Security
Framework
(NIST
CSF)
is
one
of
the
most
respected
and
widely
used
standards
in
the
world.

While
originally
designed
for
critical
infrastructure
industries,
the
NIST
CSF
is
flexible
enough
for
organizations
of
all
sizes,
sectors,
and
maturities
to
use
in
large
part
because
the
framework
focuses
on
cybersecurity
outcomes.

The
only
problem?

The
NIST
CSF
doesn’t
provide
guidance
on

how
to
achieve
those
outcomes.

Where
the
NIST
CSF
Falls
Short

The
amount
of
jargon
and
lack
of
actionable
steps
are
some
of
the
top
complaints
about
the
NIST
CSF
among
less-resourced
–
yet
more
targeted
–
SMEs.

NIST
proposed
a
significant
reform
to
its
CSF,
with
plans
to
open
the
public
comment
period
soon.
Among
the
potential
changes
would
be
to
“explicitly
recognize
CSF’s
broad
use
to
clarify
its
potential
applications.”

Hackers,
of
course,
won’t
wait
for
NIST
to
release
more
actionable
security
guidance
–
and
neither
should
you.

Use

this
guide
to
see
how
to:

Answer
practical
questions
about
how
to
apply
the
NIST
CSF
to
your
control
environment
Map
the
5
areas
of
infosec
management
against
your
most
targeted
assets
Know
what
to
consider
when
securing
each
of
those
assets
Identify
gaps
in
your
information
security
program
Understand
which
controls
and
security
tools
you
need
to
close
those
gaps
See
the
one
step
the
NIST
CSF
overlooks
(but
that
can
protect
you
from
future,
repeated
attacks)

Plus,

this
guide
provides
tips
for
protecting
your
organization
from
the
full
spectrum
of
risk
–
from
data
breaches
to
denial-of-service
attacks
and
natural
disasters.

Get
the
Cyber
Defense
Matrix
today
so
you
can
thwart
bad
actors
tomorrow.

Download
the
guide
here.

Found
this
article
interesting?
Follow
us
on

Twitter


and

LinkedIn
to
read
more
exclusive
content
we
post.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts