Skip to main content

Reducing Cybersecurity Risks

Benefits in Brief: Reducing Cybersecurity Risks

Mueller Prost

April 01, 2019

The National Institute of Standards and Technology (NIST) has developed a standard framework designed to reduce cybersecurity risks to critical infrastructure, including ERISA employee benefit plans.

The NIST cybersecurity framework includes the following five components:

1. Identify cybersecurity risks.

The weakest cybersecurity links can present the greatest risks. Often the weakest link is employees who haven’t been properly trained in how to handle sensitive data or who are careless in handling this data.

2. Protect sensitive data.

This starts with creating a culture of awareness within your organization about the importance of data security. Ideally, data protection will incorporate both technology solutions such as encryption and human solutions such as ongoing training in how to handle sensitive data.

3. Detect data breaches.

This is critical given the fact that experts say cyberattacks aren’t a matter of if, but when. Perform penetration testing before an attack happens so you’ll be able to detect one when it occurs.

4. Respond to cyberattacks.

Your framework should detail specifically what your organization’s response to a cyberattack will be in order to minimize any damage from the attack.

5. Recover from cyberattacks.

The framework should also detail how your organization will recover from any damage that does occur from a cyberattack.

Image of a person on a trail with the words "Bring your vision to life. Every business needs a plan—from taxes and financial reporting to increasing profit growth and what comes next." Click to see your path forward

Unlock industry secrets.

Mueller Prost insights, delivered right to your inbox.

Sign Up.

Related Insights