Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

NIST: Cybersecurity is Everyone’s Job

July 23, 2018

NIST (The National Institute of Standards and Technology) recently released a draft guidebook called Cybersecurity is Everyone's Job. It is certainly hard to argue with the title! The guidebook was created for business owners and leaders, but it's also helpful for those serving functional roles in human resources (HR), IT, legal — and even sales and marketing.

Undeniably, employees represent the "largest attack surface" of most organizations. Common business activities — such as product and service delivery, payroll, accounts payable, communicating with customers and suppliers and resource management — frequently expose organizations to cyber risk, which is why a cybersecurity culture is so critical.

Mindset is also a key driver of human behavior — so proper attention must be paid to evaluating and addressing employees' mindsets (and no, they can't sacrifice security for convenience) as part of a broader security-awareness campaign. Also, due to the rise in attacks leveraging social engineering, organizations should seek to educate their employees about such attacks and thereby "harden" their security. Hardening the technology is (sigh) a lot easier.

The handbook's recommendations for action include:

Understanding cybersecurity well enough to enable sound decision making;
Including cyber risks in the enterprise risk management (ERM) process;
Developing and maintaining organizational information security policies and standards;
Promoting the development of effective cross-functional teams to accomplish cybersecurity goals for the organization; and
Protecting sensitive strategic, financial, legal and risk information.

It's only 26 pages, which is not terribly intimidating – and it may be very helpful to those who do not yet have a cohesive plan for addressing cybersecurity.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

NIST: Cybersecurity is Everyone’s Job

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer