London: (519) 672-0900 Kitchener: (519) 772-2525

Blog

How to Use CISA’s Cybersecurity Performance Goals to Lower Attack Risk

By Chris Boudreau | February 2, 2023

Cyber-attacks have constantly threatened organizations of all sizes and industries. According to Ponemon Institute, Canadian companies spend an average of $6.1 million to battle cyber-attacks, as the consequences of a successful attack can be devastating.

Another report, according to Statistics Canada, stated that in 2017, over 54% of Canadian businesses reported that the impact of cyber-attacks and other cyber-security incidents affects employee productivity.

Due to this, businesses can lose valuable data, face legal and financial repercussions, and damage their reputation. To curb this and reduce the risk of attacks, organizations must take proactive measures to protect themselves from these threats, and one effective way to do this is by using the Cybersecurity Performance Goals (CPGs) set by the Cybersecurity and Infrastructure Security Agency (CISA). Even though this is a U.S. agency, these goals can be used by businesses in all countries to take commonsense steps toward better cybersecurity.

CISA created the Cybersecurity Performance Goals to help organizations improve their cybersecurity posture and lower attack risk. These guidelines are based on the NIST (National Institute of Standards and Technology) Cybersecurity Framework and provide a systematic approach to managing cybersecurity risk. 

By following these guidelines, organizations can better understand their assets, vulnerabilities, and threats, implement measures to protect their assets, detect and respond to cyber incidents, and recover from incidents promptly and effectively.

Don’t wait for cyber-attacks to happen to your business before taking action, as cyber-attacks have become more frequent and sophisticated.

Continue reading this article to better understand the CISA Cybersecurity Performance Goals and how to implement them in your organization.

Exploring the CISA Cybersecurity Performance Goals

The CISA Cybersecurity Performance goals are recommendations created to assist organizations in improving their cyber safeguards. The goals provide a clear path for organizations to secure their critical infrastructure and lower cyber-attack risk. Best of all, the guidelines focus on core cybersecurity practices that effectively reduce risk and can be applied to all sectors.  

Topics in the Cybersecurity Performance Goals

The Cybersecurity Performance goals encompass eight main topics. These include

  • Device security.
  • Account security.
  • Data security.
  • Vulnerability management
  • Supply chain/third-party safety. 
  • Response and recovery.
  • Other areas include network segmentation, threat detection, and email security.

Each topic includes an overview of the risks addressed, recommended security practices, actions, scope, and desired outcomes.

Lowering Attack Risk with CISA Cybersecurity Performance Goals 

The CPGs focus on five key areas: identify, protect, detect, respond and recover. To use the CISAs to lower attack risk, organizations need to start by assessing their current cybersecurity posture and identifying areas for improvement. This can be done by conducting a risk assessment and developing a cybersecurity plan that aligns with the CISAs.

Identify

A critical aspect of the CISA CPGs is the identification of assets, vulnerabilities, and threats. Take inventory of all your assets, including hardware, software, and data, and assess the risks associated with each one. By identifying vulnerabilities through vulnerability assessments and penetration testing, you can mitigate or eliminate them.

Protect

Once vulnerabilities have been identified, implement measures to protect your assets from unauthorized access, use, disclosure, disruption, modification, or destruction. This can be done by implementing security controls such as firewalls, prevention systems, encryption, and intrusion detection. Additionally, implement security policies and procedures to ensure that employees are aware of and will adhere to best practices for cybersecurity.

 Detect

The CISA goals also strongly emphasize detecting and responding to cyber incidents. You should have incident response plans in place to respond quickly and effectively to cyber incidents. This includes having a dedicated incident response team and regular incident response drills to ensure that all employees are familiar with the incident response process.

 Respond

Once a cyber incident has occurred, take steps to minimize the impact and recover from the incident as quickly as possible. This includes restoring systems and data and returning to normal operations. You should also conduct a post-incident review to recognize the cause of the incident and take steps to prevent it from happening again.

Recover

You must recover from cyber incidents and return to normal operations as quickly as possible by restoring systems and data and implementing a plan to prevent similar incidents from happening again. This stage is crucial to minimizing an incident’s impact, resuming business activities, and maintaining customer trust.

It is critical to put a strategy in place to ensure quick and efficient recovery and to continuously assess the plan for improvements to reduce attack risks.

CISA Cybersecurity Performance Goal Organization Compliance Key players

To use CISA’s CPG, you must set up a structure with key players to ensure compliance with the CISA cybersecurity Performance Goals to lower the risk of attack on the system. These include:

The Senior Management

The senior management team is responsible for providing the overall direction and support for the cybersecurity program and allocating the necessary resources to achieve the Cybersecurity Performance Goals.

The Chief Information Security Officer (CISO) Or Equivalent

They are responsible for developing, implementing, and maintaining the cybersecurity program and ensuring compliance with the Cybersecurity Performance Goals.

The Incident Response Team

The Incident response team is in charge of detecting, responding, and recovering from cyber incidents, ensuring that incident response procedures align with the CPGs.

The IT/Security Team

They are responsible for managing and maintaining the organization’s cybersecurity controls and ensuring they align with the CPGs.

All Employees

All employees have a role to play in maintaining the Cybersecurity Performance Goals, from following security policies and procedures to identifying and reporting potential threats and adhering to best practices for cybersecurity.

Third-Party Vendors And Service Providers

Organizations should also ensure that their third-party vendors and service providers follow appropriate security controls and have an incident response plan that aligns with the organization’s strategy.

Ready to Take Action to Reduce the Risk of Attacks?

Don’t wait for an attack before taking action; stay ahead of the game and implement the CISA Cybersecurity performance goals to reduce cyber-attack risks in your organization.

PartnerIT experts are here to walk you through your IT security and defend your cyber system from attacks. Contact us today by calling us at 519-772-2525 (Kitchener) or 519-672-0900 (London) or reach us online.

Committed to your success, we’ll get you ready to run your business with less effort and more impact.

Let's Talk