Cyber Health Discussion Series
This series discusses cybersecurity issues of interest to c-level executives at print-based enterprises. Printers lacking cyber protections are risking financial losses for their and their clients' businesses. In addition, with business insurance renewals now asking about the company's cyber protocols, it is time to make cybersecurity a top priority.
Discussing OutputLinks Communications Group Services
By Andy & Julie Plata
Segment #2 Regarding the steps to protect yourself, your customers, and your suppliers.
A Cyber Framework
The next step in moving towards cybersecurity is to adopt an implementation framework using a vetted process like the NIST 800-53 Rev5.
If you missed the previous steps, click to read Segment #1
The U.S. government developed NIST 800-53 Rev5 to provide federal organizations with the policies, procedures, and guidelines to secure their information systems. The 800-53 Rev5 framework will help your organization adopt and adapt to a security culture.
But be aware that effective implementation requires that everyone – including owners, senior management, staff, contractors, and part-timers - understand and agree to follow the new security processes. A hacker only needs to find one unsecured area for access. So, failure to gain organization-wide buy-in can allow an eventual breach.
Like many government documents, NIST 800-53 Rev5 is complex and confusing for those unfamiliar with cyber issues. Therefore, it is essential to arrange training for internal staff or contract a certified cyber organization to assist your team or manage the entire process.
Segment#1 of this series discussed potential problems for those planning to use staff members for the full implementation. It is essential to recognize that your employees will be focusing on the cyber project for an extended period with minimal time for other print business activities.
If using staff to perform the project, free training materials are available from the National Initiative for Cybersecurity Careers and Studies (NICCS) if your print company is a U.S. government supplier/contractor. However, if you fail to meet the NICCS criteria, fee-based training and certifications from local universities are an option. Businesses are also offering cyber services but be cautious and only consider fully certified providers for your cyber security needs.
|President urges immediate hardening of U.S. cyber defenses due to potential Russian strike|
For companies planning a collaborative or outsourced program, your selected provider should provide all the required training. It is strongly advised to consider an alternative if training is not part of your contractor’s services.
The Next Segment: Breach Processes
Experience shows that regardless of an organization's type, size, or revenue, a breach can still infect its fully secure I.T. systems. Therefore, the next series segment focuses on NIST 800-53 Rev5's business continuity section for processes in dealing with security breaches.
To be notified of the next installment's availability or to discuss our C-Level Cyber Assessment Services, click here to schedule a call >>>
Stay tuned for our continuing Commentary on the changing print-tec industry environment and its effect on clients, employees, dealers, partners, and stockholders in the global print industry.