Cybercrime can put a halt to business operations, corrupt personal information, and threaten national security. This October, the Cybersecurity and Infrastructure Security Agency (CISA) has launched the 18th annual Cybersecurity Awareness Month, to educate Americans on how to be more cyber savvy, and to help ensure safer online experiences for everyone with new resources.
Resources to Tackle Cyber Criminal Activity
As part of its ongoing effort to decrease cybersecurity risks, CISA has published a number of resources and tools valuable during Cybersecurity Awareness Month and throughout the year, including:
Standards Support Cyber Safety Too
Standards also help tackle cyber threats before they can disrupt business. The American National Standard (ANS) developed by ASTM International Subcommittee: F25.05, Computer Applications – ANSI/ASTM F3286-2018, Guide For Cybersecurity and Cyberattack Mitigation – addresses the company or government organizational need to mitigate the likelihood of cyberattacks and reduce the extent of potential cyberattacks, which can leave sensitive personal data, corporate information, and critical infrastructure vulnerable to attackers. The recommendations are meant to serve as a guideline for corporate and government organizations to adopt for the protection of sensitive personal information and corporate data against hackers.
Did you know that connectivity and data sharing through devices can also compromise personal and business information? Another ANS devleoped by UL, UL 2900-1 Ed. 1-2017, Standard For Software Cybersecurity For Network-Connectable Products, Part 1: General Requirements, applies to network-connectable products that shall be evaluated and tested for vulnerabilities, software weaknesses, and malware.
Additional ANS can be found in the INCITS Cyber Security - Common Criteria Package, which provides guidance on evaluation criteria for IT security. It includes the INCITS/ISO/IEC 15408 series as well as the INCITS/ISO/IEC 18045 standard addressing methodologies for IT security evaluations, by INCITS (the InterNational Committee for Information Technology Standards).
Many standards developing organizations are active in this space, drafting standards to deal with various aspects of cybersecurity. These standards are just a sampling of the various standards that protect our cyber safety. Access more, including information on the standard developed by ISO/IEC Joint Technical Committee (JTC) 1, Information technology, Subcommittee SC 27, IT Security techniques via ANSI, and related news:
With Costly and Dangerous Ransomware Attacks on the Rise, U.S. Prioritizes Safety
Standards Support Business Resilience: NIST Releases Cyber Supply Chain Risk Management Strategies