The National Institute of Standards and Technology and the National Initiative for Cybersecurity Education has released a guidebook, “Cybersecurity is Everyone’s Job.”
This guidebook outlines what each member of an organization should do to protect it from cyber threats, based on the types of work performed by the individual. It is intended for a general audience and can be read as a complete guide, or by each business function as a standalone guide. The goal is to build a cyber-secure workforce, with each person doing their part to secure the organization.
The business functions are presented as seven categories:
- Leadership, Planning, and Governance
- Sales, Marketing, and Communications
- Facilities, Physical Systems, and Operations
- Finance and Administration
- Human Resources
- Legal and Compliance
- Information Technology