NIST Cyber Corner Offers 24/7 Help
Looking for training and guidance on cybersecurity that’s free and available 24/7?
Check out the Small Business Cybersecurity Corner, a new website from the National Institute of Standards and Technology.
“The vast majority of small businesses rely on IT to run their businesses and to store, process, and transmit information,” writes Kristina Rigopoulos in this blog post announcing the site’s launch. “Protecting this information from unauthorized disclosure, modification, use, or deletion is essential for those companies and their customers. With limited resources and budgets, small businesses need cybersecurity guidance, solutions, and training that is practical, actionable, and enables them to cost-effectively address and manage their cybersecurity risks. This NIST Small Business Cybersecurity Corner puts these key resources in one place.”
NIST has been authorized by Congress to “disseminate consistent, clear, concise, and actionable resources to small businesses.” These resources come from NIST and other federal agencies, as well as a range of for-profit and non-profit organizations.
And though the Cybersecurity Corner doesn’t provide one-on-one help to law firms, the site contains a resource directory of contacts that can offer assistance. There is even a link for reporting threats and incidents.
Risks and Threats
A large portion of the website is dedicated to identifying emerging threats. One section is on hidden threats that lurk in corrupted software files.
Other topics: protecting against malicious code (descriptions of viruses, worms, and Trojan horses along with safety tips), handling destructive malware (an overview of potential distribution vectors), understanding rootkits and botnets, recognizing fake antiviruses, recognizing and avoiding spyware, understanding denial-of-service attacks, and defending cell phones and PDAs.
What to Do About a Breach?
“You just learned that your business experienced a data breach,” says the NIST site. “Whether hackers took personal information from your corporate server, an insider stole customer information, or information was inadvertently exposed on your company’s website, you are probably wondering what to do next.”
The first step is to determine the extent of the problem. What may have been exposed? Once you’ve got a handle on the potential damage, here are some safety pointers:
- Act quickly to secure your systems and fix vulnerabilities that may have caused the breach. The only thing worse than a data breach is multiple data breaches. Take steps so it doesn’t happen again. Mobilize your breach response team right away to prevent additional data loss.
- Assemble the necessary experts for a comprehensive breach response. Depending on the size and nature of your company, the response may include forensics, legal, information security, information technology, operations, human resources, communications, investor relations and management.
- Identify a data forensics team. Consider hiring an independent investigator to help determine the source and scope of the breach. The goals: to capture forensic images of affected systems, to collect and analyze evidence, and to outline remediation steps.
- Consult with legal counsel. Talk to an expert in cyber-liability (unless you’re one yourself). Consider engaging outside legal counsel with privacy and data security expertise. They can advise you on federal and state laws that may be implicated by a breach.
- Secure physical areas potentially related to the breach. Lock them. Change access codes, if needed. Ask your forensics experts and law enforcement when it is reasonable to resume regular operations.
- Stop additional data loss. Take all affected equipment offline immediately, but don’t turn any machines off until the forensic experts arrive. Closely monitor all entry and exit points, especially those involved in the breach. If possible, put clean machines online in place of affected ones. In addition, update credentials and passwords of authorized users. If a hacker stole credentials, your system will remain vulnerable until you change those credentials, even if you’ve removed the hacker’s tools.
- Review your cyber-liability insurance policy. Don’t have one? Lawyers Insurance can be your insurance firewall against computer hacks and client data theft.
- Contact your professional liability carrier. Do this if you think client data might have been compromised. Your carrier can help with loss prevention and mitigation.