A question we have been hearing a lot lately is “what is the government doing to protect business from cyber threats”, after all, cyber attacks are often coming from other countries and have been compared to another form of warfare or terrorism.
Here in the U.S., the government has their own challenges protecting their systems from attacks. Ransomware has been a major threat with many cities and towns being hit, and some offline for weeks with millions in damages. According to the Center for Strategic and International Studies (CSIS), the US is #1 for cyber attacks on government agencies with UK at #2. The Canadian Armed Forces are working with other agencies to train CAF veterans to meet demand for cybersecurity resources,
Clearly governments have their hands full just trying to protect their own networks. But they have provided some resources for you:
The Cybersecurity and Infrastructure Security Agency (CISA) Cyber Essentials is a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
The National Institute of Standards and Technology (NIST) established a Cyber Security Framework (NIST CSF) for business to align with to make sure they don’t have critical gaps in their defense against cyber threats. They also provide a Workforce Management Guidebook to help non-technical staff understand their role in protecting the organization.
The National Cyber Security Centre in the UK published guidance on dealing with phishing via email, phone and text, as well as a primer for cyber security to protect your business.
In Canada, the CIO Strategy Council has published Standards for protection of data and cybersecurity.