Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • DHS SMB Road Map PDF

    Încărcat de

    Naveen Kumar
    33 vizualizări2 pagini

    Titlu original

    DHS-SMB-Road-Map.pdf

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    33 vizualizări2 pagini

    DHS SMB Road Map PDF

    Încărcat de

    Naveen Kumar

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 2

    ABOUT

    THIS
    GUIDE
    CYBERSECURITY
    The Cybersecurity Resources Road
    ADDITIONAL
    Map is designed to help critical
    infrastructure small and midsize RESOURCES RESOURCES
    businesses identify useful
    cybersecurity resources to meet The U.S. Department of Homeland Security’s ROAD MAP
    their needs. National Protection and Programs Directorate
    leads the national effort to protect and
    enhance the resilience of the Nation’s
    The road map comprises four tiers and two physical and cyber infrastructure. To learn A GUIDE FOR CRITICAL
    questions in each tier. Each question about additional resources beyond those
    introduces a topic and a few related recommended in this guide, visit: INFRASTRUCTURE
    https://www.dhs.gov/topic/cybersecurity.
    resources. SMALL AND MIDSIZE BUSINESSES
    The tiers reflect degrees of cybersecurity
    The tier structure presented in this guide
    sophistication. In general, companies that generally reflects the Cybersecurity Framework,
    have well-developed cyber capabilities will which was developed by the National Institute of
    find the resources in the higher tiers most Standards and Technology. For information, visit:
    https://www.nist.gov/cyberframework.
    appropriate, while companies that have less
    sophisticated cyber capabilities will likely
    focus on the lower tiers.

    However, the best approach is to consider


    all the questions and all the resources in
    view of the organization’s objectives and
    assessment of risk.

    07-27-18
    TIER 1 TIER 2
    Have you communicated Are you implementing a Have you integrated
    the importance of leadership-driven, company-wide cybersecurity with risk
    cybersecurity to your cybersecurity program? management processes?
    business?

    • Cybersecurity Tools (SBA) • Cybersecurity Framework (NIST) • Managing Information


    https://www.sba.gov/managing- https://www.nist.gov/cyberframework Security Risk (NIST 800-39)
    https://www.nist.gov/

    TIER 4
    business/cybersecurity
    • Cybersecurity Framework Guidance (Run a search for “800-39”)
    • Small & Midsize Business (DHS)
    Cybersecurity Toolkit (DHS) https://www.us-cert.gov/ccubedvp/cyber • Guide for Conducting Risk
    https://www.us-cert.gov/ccubedvp/smb security-framework Assessments Rev. 1 (NIST
    800-30)
    • Cybersecurity Tip Sheets (DHS) • Cybersecurity Education and Training https://www.nist.gov/
    https://www.us-cert.gov/ncas/tips Catalog (DHS) (Run a search for “800-30”) Have you trained your staff
    https://niccs.us-cert.gov/training to prevent, detect, and
    • Threat Alerts, Bulletins, respond to cyber incidents?
    Advisories (DHS)
    https://www.us-cert.gov/ncas
    and https://ics-cert.us-cert.gov
    Has your business begun to • Industrial Control System Training
    follow basic cybersecurity Classroom and online courses (DHS)
    best practices? https://ics-cert.us-cert.gov
    • Cybersecurity Education and Training
    • Start with Security: A Guide for Catalog (DHS)
    Business (FTC) https://niccs.us-cert.gov/training
    https://www.ftc.gov/
    (Run a search for title of document) • NICE Cybersecurity Workforce
    Framework (NIST)
    • Small Business Information https://niccs.us-cert.gov/workforce-
    Security: The Fundamentals development
    (NISTIR 7621) (Click on Training)
    https://www.nist.gov/

    TIER 3
    (Run a search for title of document)
    • Factsheet: Cyber Incident
    Reporting (DHS) Are you utilizing cyber
    https://www.dhs.gov/cyber defense technologies to
    (Run a search for “cyber incident
    reporting”) support your operation?
    Are you evaluating your Are you participating in an
    cybersecurity posture information sharing forum to
    and capabilities? gain insights and strategies? • Automated Indicator Sharing (DHS)
    (Threat indicator exchange in near
    real-time)
    • Cybersecurity Assessments • Information Sharing and Analysis https://www.dhs.gov/ais
    (DHS) Centers (National Council of ISACs)
    (Provided to critical https://www.nationalisacs.org/ • Cyber Information Sharing and
    infrastructure on a priority Collaboration Program (DHS)
    basis) • Information Sharing and Analysis (Threat indicator exchange plus
    Call 888-282-0870 or email Organizations (ISAO Standards trusted analysis)
    ncciccustomerservice@hq. Organization) https://www.dhs.gov/ciscp
    dhs.gov or https://www.isao.org/
    cyberadvisor@hq.dhs.gov • Enhanced Cybersecurity Services
    • Secure Information Sharing Portal (Commercial intrusion prevention
    • Cyber Tabletop Exercise for (DHS) capabilities)
    SMBs (DHS) Call 888-282-0870 or email https://www.dhs.gov/enhanced-
    Call 888-282-0870 or email ncciccustomerservice@hq.dhs.gov cybersecurity-services
    ncciccustomerservice@hq.
    dhs.gov Note: Professional business Note: ISACs and ISAOs provide access
    organizations also offer cyber to cyber defense technologies as well.
    information sharing opportunities.

    S-ar putea să vă placă și