Webinar Connects the Dots between SMBs and NIST Cybersecurity Framework
Silver Spring, MD – February 18, 2015 – e-Management Founder & CEO Ola Sage participated in a webinar yesterday from the Critical Infrastructure Cyber Community, or C3 (pronounced “C-Cubed”), Voluntary Program created by the U.S. Department of Homeland Security (DHS). The goal of the webinar was to: (1) promote the C3 Voluntary Program and its role in building a community of interest; (2) foster an environment where individuals can share information on how they are using the Framework and the C3 Voluntary Program; and (3) collect feedback from participants on these elements for future improvement. In addition to Ms. Sage, webinar panelists included Patricia Toth from the National Institute of Standards and Technology (NIST), and Brandon Pollak, director of global affairs, 1776. Chris Duvall from the DHS Office of Cybersecurity and Communications moderated the session.
“There is a segment of the small- and medium-sized business (SMB) community that still is not convinced that they are a target or that they would have anything that a cyber-hacker or criminal would want,” says Ms. Sage. “This webinar is a great opportunity to educate SMBs about incorporating the NIST Critical Infrastructure Cybersecurity Framework into their best practices. The good news is that we’ve found that when CEOs of SMBs understand the personal impact to them, such as financial, legal, and reputational, the value of the framework resonates. For example, many CEOs are personal guarantors for their company. So, a $300,000 breach is no longer an abstract conversation, it’s real.”
When asked how the SMB community can help shape the marketplace for cyber risk management, Ms. Sage responded she “would love to see more private sector SMBs be innovators of cybersecurity solutions and not just consumers.” She talked about how e-Management created a cybersecurity risk intelligence solution, CyberRx™, which “helps SMBs, measure, manage, and communicate their overall cybersecurity readiness, with the ultimate goal of reducing their cybersecurity risk exposure.”
“Our goal with CyberRx is to help small businesses operationalize the Framework in a way that’s simple while providing CEOs with actionable data they can use to make priority and investment decisions,” Ms. Sage explains.
During the webinar, Ms. Sage also discussed the importance of communicating the “simplicity” of the NIST Framework, specifically the five key function areas, to SMBs. She said the Framework is “helpful in organizing a company’s thinking about how to manage its cybersecurity risks.” She also highlighted that NIST is accessible and free which “has been effective and resonated with the SMB community.”
About the Critical Infrastructure Cyber Community
As directed by Executive Order (EO) 13636, the Department of Homeland Security (DHS) launched the Critical Infrastructure Cyber Community, or C3 Voluntary Program on February 12, 2014. The C3 Voluntary Program was formed to promote use of the Cybersecurity Framework and cyber risk management among U.S. organizations.
Developed by e-Management, CyberRx assists SMBs in improving their cybersecurity risk management, assessing exposure and potential financial liabilities around data breaches, and getting actionable risk intelligence to improve their overall cybersecurity readiness. CyberRx is among the first risk intelligence tools to incorporate the Critical Infrastructure Cybersecurity Framework. For more information, visit cyber-rx.com.