To put the impact of cybercrime into perspective, let’s examine some important, and startling, numbers:

Data breach costs increased from $3.86 million to $4.24 million in 2021.

Every 39 seconds, there is an attack.

About 90% of healthcare organizations have fallen victim to at least one breach within the past three years.

The bottom line? Cyberattacks are frequent and costly, and COVID-19 has only fueled the fire with more employers adopting a remote work structure. Reports of identity theft spiked during the pandemic and an overwhelming majority, specifically 90% of companies, faced an increase in cyberattacks.

In addition to hiring skilled professionals who possess a formal cybersecurity education, companies are turning toward proven tools and resources to protect their valued data and information.

One tool in particular is the NIST Cybersecurity Framework, which is a free resource developed and provided by the U.S. government. Let’s dive in.

What is the NIST Cybersecurity Framework?

The National Institute of Standards and Technology (NIST) describes the framework this way:

“The framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational stakeholders.”

It’s important to reiterate that this framework is not mandatory, though it’s certainly recommended since it’s based on well-researched information and best practices. Most importantly, it can be “customized by different sectors and individual organizations to best suit their risks, situations, and needs.”

NIST Framework Background & Development

Version 1.0 of the framework was issued in February 2014 and, according to NIST, “was developed in response to the Presidential Executive Order (EO) 13636, Improving Critical (Read more...)