In mid-February 2014, the National Institute of Standards and Technology (NIST) released voluntary industry standards and best practices to prevent cyber-attacks in its publication “Framework for Improving Critical Infrastructure Cybersecurity.” In a statement, President Barack Obama called the Framework a turning point, but also notes that there is still work to be done against these Privacy and Network Security threats.
The government notes that the Framework, which was created through their collaboration with the private sector, should be used to complement an organization’s risk management and cybersecurity, or network security, program. The following guidelines were created by members of the federal government to strengthen privacy and network security efforts. Not only is this good information for insurance agents to have, it is imperative to share this with your clients as well.
These guidelines are divided into three components: core, tiers, and profiles. The core provides a set of activities that achieve specific cybersecurity outcomes, while the tiers provide context on how an organization views privacy and network security risk and the processes in place to manage those risks. Profiles align all this information in order to state current or meet desired network security practices.
Here are seven steps you and/or your clients can take to either establish or strengthen privacy and network security efforts using the Framework:
At PL Risk Advisors, we understand that all industries and companies could face the risk of a privacy and network security breach. Privacy and Network Security Insurance is a must for both small and large firms to protect against this widespread exposure. Please contact us today at (855) 403-5982 to learn more about these coverages as well as our Professional Liability products.