NTCA Cybersecurity Series
Cybersecurity is not a one-time activity, but a continuous pursuit. Cyber risk is a complex problem, and it is unpredictable. Cybersecurity goes well beyond the responsibility of the information technology (IT) department. It is a companywide responsibility and requires diligence at every level and by every employee.
To help NTCA members in their efforts, we have created the NTCA Cybersecurity Series as a comprehensive guide consisting of six components designed to help telco executives, board officers and operational staff develop a risk-management approach to cybersecurity. The six components of the NTCA Cybersecurity Series are designed to work together to help improve your company’s cybersecurity posture.
Part 1: The Fundamentals of Cybersecurity
The Fundamentals of Cybersecurity is an introductory overview of the cybersecurity realm and the partnership with government in protecting critical resources. It offers tailored resources to help companies examine cyber risk-management approaches and assessments and clarify roles and responsibilities.
Part 2: Sector-Specific Guide to the NIST Cybersecurity Framework
The Sector-Specific Guide to the NIST Cybersecurity Framework helps your operational staff evaluate your company’s cybersecurity program at a more granular and sophisticated level. It includes NTCA’s updated NIST Framework Evaluation Tool that will help small network service providers digest and apply Version 1.1 of the NIST Cybersecurity Framework to their operations, while simultaneously providing flexibility for individual companies to suit their unique needs, characteristics and risks.
DOWNLOAD PART 2 DOWNLOAD EVALUATION TOOL
Part 3: Discussion Draft/Template for Cybersecurity and Supply Chain Risk Management Plan
The Discussion Draft/Template for Cybersecurity and Supply Chain Risk Management Plan is a discussion draft that you can use to begin developing your own cybersecurity plan and is intended to spur discussion, particularly for companies preparing to file their plans to comply with Enhanced A-CAM requirements. It is important to note that: (a) while this discussion draft can be used as a starting point, your company’s cybersecurity and supply chain risk management plan should accurately reflect your own cybersecurity challenges and efforts; and (b) this draft is intended merely as an initial baseline for further development and refinement in consultation with your internal experts and external advisors who will need to guide you through specific compliance requirements.
Part 4: Cyber Incident Response Plan
The Cyber Incident Response Plan is an essential component of your overall cyber risk management strategy. This sample response plan is a resource for your company’s senior leaders and cyber risk-management team to help you either create or revise a robust cyber incident response plan.
Part 5: Employee Cybersecurity Training Video
The Employee Cybersecurity Training Video is a video you can share with employees to educate them on how to stay safe online.
Part 6: Protecting Your Network and Data
Protecting Your Network and Data will examine the most common vulnerabilities in your workplace and networks and offer practical advice on addressing them. A printable poster is available on the NTCA website to share with your employees to help them strengthen their cybersecurity skill sets.
Looking for more cybersecurity resources? CyberShare: The Small Broadband Provider ISAC promotes the resiliency and continuity of operation of small network operators across the United States.