“Cyber resiliency is the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on cybersecurity resources.” National Institute of Standards and Technology
The MassCyberCenter has compiled the below resources from our national, state, local, and nonprofit partners.
- National Institute of Standards and Technology (NIST)
- NIST Framework: NIST created this voluntary Framework consisting of standards, guidelines, and best practices to manage cybersecurity-related risk. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote protection and resilience.
- Center for Internet Security (CIS)
- CIS Top Controls: Security leaders uses the Controls to quickly establish the protections providing the highest payoff in their organizations. They guide you through a series of 20 foundational and advanced cybersecurity actions, where the most common attacks can be eliminated.
- Cybersecurity and Infrastructure Security Agency (CISA)
- Cyber Essentials: CISA put together a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
- Resources for State, Local, Tribal, and Territorial (SLTT) Governments: CISA has put together these resources to assist state, local, tribal, and territorial governments with securing their organization. Includes Best Practices, Case Studies, an SLTT Toolkit, and more.
- Stop, Think, Connect" The STOP.THINK.CONNECT.™ Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online.
- Federal Bureau of Investigation
- The mission of the FBI’s Internet Crime Complaint Center (IC3) is to provide the public with a reliable and convenient reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners. Information is analyzed and disseminated for investigative and intelligence purposes to law enforcement and for public awareness.
- National Cyber Security Alliance (NCSA)
- “Stay Safe Online” NCSA aims to provide information and resources for individuals and organizations to be safer and more secure online.
- National Governors Association
- Resource Center for State Cybersecurity: While targeted at governors' offices and statewide leaders, provides solid background and reporting about state-level preparedness.
- Federal Communications Commission (FCC)
- FCC's 'Cyberplanner': Helps organizations create and save a custom cybersecurity plan quickly to address specific business needs and concerns.
- Federal Trade Commission (FTC)
- Small Business Fact Sheet: This interactive, online fact sheet covers cybersecurity basics and best practices, including the NIST Framework and common security threats (e.g. phishing, ransomware, email spoofing, and tech support scams, etc.).
- Center for Internet Security
- Multi-State information Sharing & Analysis Center: A service available to the nation’s state, local, tribal and territorial governments to improve cybersecurity posture through focused cyber threat prevention, protection, response, and recovery.
State and Local Partners
- Executive Office of Technology Services and Security (EOTSS)
- EOTSS maintains tips on how to safeguard your online identity and data from cyber security threats, online scams and data breaches. EOTSS is responsible for providing digital service for Massachusetts 40,000 state employees as well as digital services and tools that enable taxpayers, motorists, businesses, visitors, families, and other citizens to do business with the Commonwealth in a way that makes every interaction with government easier, faster, and more secure. https://www.mass.gov/cybersecurity
- EOTSS Enterprise Security Office is responsible for writing, publishing, and updating all Enterprise Information Security Policies and Standards that apply to all Executive Department offices and agencies. This is a compilation of those policies and standards.
- Massachusetts Attorney General's Office (MassAG)
- Massachusetts Digital Health Initiative
- "Cybersecurity Toolkit for Digital Health": This toolkit serves as an educational resource for digital health companies at all stages of growth, covering the fundamentals and best practices for cybersecurity and privacy protection. Created by MassChallenge HealthTech, in collaboration with a council of cybersecurity experts from the region, with funding support from MeHI (Massachusetts eHealth Institute).
- Advanced Cyber Security Center (ACSC)
- ACSC is the region's only non-profit, member-driven organization committed to strengthening member cybersecurity defenses and preparing the region's response to large scale cyber threats. ACSC brings together the private and public sectors to ensure its members and the region are national leaders in "Collaborative Defense."
- Cyber Threat Alliance (CTA)
- CTA is a not-for-profit organization working to improve the cybersecurity of the global digital ecosystem by enabling near real-time, high-quality cyber threat information sharing among companies and organizations in the cybersecurity field. This approach brings together companies that typically compete with one another and enables them to work together for the greater good.
- Cybercrime Support Network (CSN)
- CSN is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime.
- Massachusetts Municipal Association (MMA)
- MMA brings together the Commonwealth’s municipal officials to articulate a clear and united municipal message, to develop and advocate for unified policies, and to share information and work together to increase the efficiency and effectiveness of municipal service delivery.
- Siteline Security
- Siteline Security’s mission is to equip, empower, and support global nonprofits to navigate and embed cybersecurity into their organizations with confidence.