Organizations are faced with significant challenges when attempting to secure their digital assets from an onslaught of increasingly sophisticated and effective cyber threats and attacks. In addition, new regulation continues to be produced by Federal and State governments that requires organizations to build comprehensive cybersecurity programs and take responsibility for protecting themselves and others for various threats and vulnerabilities.
When presented with the new responsibility of creating and implementing effective cybersecurity programs, executives of organizations can quickly become overwhelmed.
This Cybersecurity Self-Assessment is designed to provide insight to those responsible for achieving regulatory compliance and protecting assets. The assessment is a high-level evaluation that will help determine the cybersecurity preparedness level of the organization based on the widely adopted National Institute of Standards and Technology (NIST) Cybersecurity Framework.
The NIST Cybersecurity Framework requires adopters to
- Have the capability to Identify cyber threats and vulnerabilities
- Protect themselves accordingly with security controls and defenses,
- Have the capability to Detect if security controls have been compromised
- Respond to cyber-attacks, incidents and breaches and lastly
- Recover from cyber-attacks, incidents and breaches