Copy of TTT_Printed-Newsletter-August-2022
On July 16, 2020, the FCC adopted rules to establish 988 as the nationwide, easy-to-remember 3-digit dialing code for Americans in crisis to connect with suicide prevention and mental health crisis counselors. The rules require phone service providers to direct all 988 calls to the existing National Suicide Prevention Lifeline by July 16, 2022.
To ensure that calls to 988 reach the National Suicide Prevention Lifeline, all providers will be required to implement 10-digit dialing in areas that both use seven-digit dialing and use 988 as the first three numbers in seven-digit phone numbers.
What you can expect:
Timeline for Transition to 10-Digit Dialing:
As always, our team is ready and happy to assist you if you have any questions or concerns, please do not hesitate to contact us.
Additional Resources:
FCC Fact Sheet: 988 AND SUICIDE PREVENTION HOTLINE
PA Dept. of Human Services: 988 A Direct Link for Suicide Prevention and Crisis Support
Protecting your business’s assets is an integral part of management operations. Cyberattacks and threats can pose alarming concerns for your company, and it can be challenging to know how to handle or predict them.
One way to address and stay on top of these types of threats is an information security risk management strategy. You have various options for crafting a risk management strategy, from creating a strategy yourself to crafting one based on an existing framework or combining both for a more customized experience.
Keep reading to learn everything you need to know about information security risk management and the factors that go into building your strategy!
Information security risk management (ISRM) involves analyzing risks associated with information technology. It’s an ongoing process of recognizing, fixing and preventing security problems. ISRM is integral for business operations and keeping your organization safe from potential attackers and threats.
Security assets can include financial information, intellectual property and employee information. With ISRM, you can:
Different members of your organization could be involved in the ISRM process, possibly including an information security team, the head of IT or a member of IT who manages the system day to day.
As technology progresses, some of your business’s tasks will become easier and more manageable. However, increased reliance on technology can also mean increased susceptibility to cyberattacks that threaten your organization’s vital information and assets. In 2021, there was a 15.1% increase in cyberattacks compared to prior years.
Creating an ISRM strategy will help you determine high-priority assets vs. less essential assets. If you do not take the time to view potential cyberattacks on your business, you will not be able to allocate technology or protection where it is needed.
You want to analyze present risks to keep these assets safe. However, the goal of ISRM isn’t to get rid of every risk facing your business. Instead, your goal should be to figure out the acceptable risk level for your organization.
Many frameworks will work when building an ISRM strategy, and it depends a lot on your business and goals. An ISRM strategy can be broken down into four stages — assessment and identification, planning, analyzing success and maintenance.
The goals of this first stage are to understand the risks currently facing your business and which ones your business can and cannot handle. Consider what data or systems are the most valuable to your business. Identify some possible vulnerabilities associated with those assets that put their confidentiality at risk. From there, you can determine potential threats and existing controls to keep assets safe.
During this step, you should plan your goals for your ISRM. Define what specifically you hope to accomplish with your strategy and how your plan will help you achieve those goals. After outlining your goals, determine how you will implement them and who will be involved in the process. Then, start integrating your plan.
The more specific your goals are, the better you’ll be able to analyze your strategy’s success. During this step, you should also communicate with stakeholders and the rest of the organization so they understand your rationale behind combatting or not combatting a risk.
Questions for how you can analyze the success of your strategy can be found in the FAQ section below.
The maintenance step involves revisiting and repeating the steps in your ISRM process. Cybersecurity threats evolve fast — to stay on top of them, you need to continually reevaluate your ISRM process and evolve alongside it. You still need to monitor the control periodically if one is implemented as a part of your strategy.
There are different ISRM standards based on your industry, but looking at the standards provided by the International Organization of Standardization (ISO) is often a good place to start. ISO standards are based on the opinions of global experts and developed through a diligent, multistakeholder process.
The set of standards specific to information security is the ISO 27000 series. This set of standards explains some best practices that help organizations improve their information security. The central standard in this series is ISO 27001.
However, it’s important to realize ISO standards will not be appropriate for every organization.
Have more questions about information security risk management? Find your questions answered below:
You can ask yourself the following questions to get a gauge of how effective your current ISRM strategy is:
You have several options for treating the potential security threats facing your organization:
The option you choose will depend on your business and the threat you’re dealing with.
The National Institute of Standards and Technology (NIST) uses this framework core for achieving cybersecurity outcomes:
Frameworks are built on a solid understanding of risks and risk mitigation. It’s best practice to start with a known framework, consider the recommendations from the framework, and defer some that are out of scope. If companies develop their own from scratch, they may not think about what they are doing in a critical unbiased manner.
An effective ISRM strategy can be key to an organization. You may not see its value in the short term, but the long-term impacts of ISRM will make your efforts worth the while.
An outside organization can provide you with an ISRM assessment. Morefield Communications is dedicated to enabling your success by giving you greater productivity, ultimate protection and better customer service. Read testimonials from our clients to get a sense of our work, then contact us to schedule your ISRM assessment today.
Morefield is always excited to share our passion and expertise to better help the community understand the importance of cyber security. Morefield’s new virtual chief information officer, Allan Jacks, was happy to provide cyber information to the Central Penn Business Journal and Lehigh Valley Business for their latest article. Check out the preview and link below.
Sixty percent of small businesses who have suffered a cyber security breach go out of business within six months.
Allan Jacks, virtual chief information officer with Morefield Communications in Camp Hill, said there was a 424% increase in cyber breaches last year over 2020, with 43% of the victims being small or medium-sized firms.
Read more at https://www.cpbj.com/small-companies-targets-for-cyber-attacks-that-can-force-them-out-of-business/
