One of the significant challenges of the digital age is the protection of online assets and communications from threats posed by hacking, online theft or fraud, and misinformation intended to harm company reputations or capabilities.
The Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure. Their website provides cybersecurity resources and best practices for businesses, government agencies, and other organizations. Visit the website for more information.
CISA helps organizations use the Cybersecurity Framework to improve cyber resilience.
Framework Function Areas
Identify – Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
The activities in the Identify Function are foundational for the effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs. Examples of outcome Categories within this Function include: Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy.
Protect – Develop and implement the appropriate safeguards to ensure the delivery of critical infrastructure services.
The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome Categories within this Function include: Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Maintenance; and Protective Technology.
Detect – Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
The Detect Function enables the timely discovery of cybersecurity events. Examples of outcome Categories within this Function include: Anomalies and Events; Security Continuous Monitoring; and Detection Processes.
Respond – Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
The Respond Function supports the ability to contain the impact of a potential cybersecurity event. Examples of outcome Categories within this Function include: Response Planning; Communications; Analysis; Mitigation; and Improvements.
Recover – Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
The Recover Function supports timely recovery to normal operations to reduce the impact of a cybersecurity event. Examples of outcome Categories within this Function include: Recovery Planning; Improvements; and Communications.
To learn more about the Framework or to download a copy, visit http://www.nist.gov/cyberframework.
Resources
- National Cybersecurity Alliance
- Louisiana State Analytical and Fusion Exchange
- Cybersecurity and Infrastructure Security Agency – CISA
- Center for Internet Security
Tip Sheets
Small to Medium Size Business Resources
Cyber Essentials
CISA’s Cyber Essentials is a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
Cybersecurity Resources Road Map (A Guide for Critical Infrastructure SMBs)
The Cybersecurity Resources Road Map is a guide for identifying useful cybersecurity best practices and resources based on needs.
Stop.Think.Connect. Toolkit
The Stop.Think.Connect. TM campaign includes cybersecurity tips for SMBs.
Need to report an attack or file a complaint?
If you are a victim of a cyberattack or cybercrime in Louisiana, contact the Louisiana Fusion Center @ 1-800-434-8007 or LaFusion.Center@la.gov
Louisiana Cybersecurity Commission
To protect against these threats, the Louisiana Cybersecurity Commission was established in 2018 under a charter signed by Governor John Bel Edwards and tasked with coordinating cybersecurity efforts among Louisiana government agencies and organizations in both the public and private sectors.
The Cybersecurity Commission formed eight committees to investigate and implement measures to ensure the security of Louisiana’s cyber-ecosystem. One of those committees is the Private Sector and Economic Development Committee, co-chaired by Louisiana Economic Development (LED) and the Louisiana Business Emergency Operations Center (LABEOC). The mission of the committee is to “facilitate economic development by promoting a cyber-safe Louisiana for businesses and consumers.”
This section of the LABEOC will serve as an information-sharing portal in cybersecurity for Louisiana businesses and private sector entities and as a resource for procedures, best practices, and lessons learned in cybersecurity risk management. Links and references to current online resources are provided below. This resource base will be expanded to include new sources as they become available. LABEOC and LED welcome additional references, company best practices, and recommendations or ideas for adding to this section.
Join our cybersecurity group for periodic updates. You may unsubscribe at any time.