Out of all the businesses in the US, 99% have 250 employees or less, making it clear how numerous these groups are. However, until now, SMBs, schools, and local government agencies have not been included in the bigger picture of creating more resilient organizations, as government efforts have primarily focused on large companies and critical industries. As a result, CISA is shifting its paradigm from public-private partnerships to partnerships that include the private sector, international and state, and local partners to create a tapestry of visibility that would allow for better understanding of cyber threats and to take down risks to the nation.
One of CISA‘s initiatives to help these organizations is the Cybersecurity Performance Goals (CPGs), which provides a simpler metric to drive cybersecurity risks down. These goals are intended to be lower cost and lower effort goals that organizations can achieve to boost their cybersecurity posture. This simpler guide is necessary because the Cybersecurity Framework, published by the National Institute of Standards and Technology (NIST), which is considered the gold standard for creating a cybersecurity plan for a business, is relatively difficult to understand, and implementation is complicated.
Since ransomware attacks have been a particular focus of cybercriminals targeting small organizations, CISA has created a pilot vulnerability-warning that scans private systems and provides system owners with information about any system vulnerabilities that need addressing. CISA‘s focus on smaller organizations is because such organizations can fend off cyber threats and ensure a safer and more secure work environment. However, attempting to measure “reduction of risk” remains a challenge because the current Internet structure is a compilation of private, educational, and government networks, limiting visibility, and comprehension of the actual threat level.
The need for a better approach to artificial intelligence and cybersecurity is also essential as we move into a world where AI hallucinations are becoming commonplace and could cloud our judgment. This is where a better approach to AI is necessary, mainly because the internet’s design did not account for most of today’s cybersecurity threats. As such, Jen Easterly suggests that we need to be more mindful when incorporating AI technology into our cybersecurity plans by avoiding the same errors.
<< photo by cottonbro studio >>
You might want to read !
- How Privoro and Samsung’s Partnership is Ensuring Secure Control of Smartphone Radios and Sensors
- Exploring the Importance of Cybersecurity Awareness on World Password Day
- The Evolution of Ransomware: Babuk Code Modified to Attack ESXi VMs by Multiple Groups
- “Uncovering the Dark Side of Genomic Technology: The Alarming Vulnerability of DNA Sequencing Equipment to Cyber Attacks”
- Google Chrome Removes Lock Icon From Browser URLs
- “Twitter Rolls Out End-to-End Encryption for DMs, But Elon Musk’s Caution is Warranted”
