Benchmark: CISA Cyber Essentials
To obtain the latest version of the official guide, please visit https://www.cisa.gov/cyber-essentials.
Cybersecurity & Infrastructure Security Agency's (CISA) Cyber Essentials is a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
Managing cyber risks requires building a Culture of Cyber Readiness. The Culture of Cyber Readiness has six Essential Elements:
- Your Staff
- Your Systems
- Your Surroundings
- Your Data
- Your Crisis Response
- Booting Up: Things to Do First
Even before your organization has begun to adopt a Culture of Cyber Readiness, there are things you can begin doing today to make your organization more prepared against cyber risks.
Employ a backup solution that automatically and continuously backs up critical data and system configurations.
Require multi-factor authentication (MFA) for accessing your systems whenever possible. MFA should be required of all users, but start with privileged, administrative, and remote access users.
Patch & Update Management
Enable automatic updates whenever possible. Replace unsupported operating systems, applications and hardware. Test and deploy patches quickly.
steampipe check aws_compliance.benchmark.cisa_cyber_essentials