Earlier this year, worldwide consulting firm McKinsey & Company surveyed more than 100 organizations in multiple industries to assess their level of what researchers termed “cybersecurity maturity.”

Analysts laid out four levels of maturity for participants in the study, starting from a base of “zero capabilities” to an apex of a “proactive approach.” Along the way, companies progress through “ad hoc management” by plugging gaps to “security by design” – i.e., “embedding in products, services and processes.”

In the end, researchers concluded 70% of the organizations examined “have yet to fully advance to a mature-based approach.”

“Ours is proving to be the century of cyber insecurity, yet few organizations have made sufficient progress in protecting information assets,” summed McKinsey consultants.

But along with this grim assessment, the study’s authors advocated a method for raising a business’ maturity level: The Cybersecurity Framework of the National Institute for Standards and Technology (NIST).

For years, we’ve encouraged companies to follow this pathway, too. Here are NIST’s seven action areas:

  1. Prioritize information assets and related risks
  2. Enlist frontline personnel
  3. Integrate cyber-resilience into enterprise-wide processes
  4. Develop integrated incident response
  5. Integrate security into technology environments
  6. Provide layers of protection for most important assets
  7. Deploy active defenses

Of course, there’s much to do at every stage. Give us a call at TeamLogicIT Plano (469) 573-3743 or go to our website teamlogicitplanotx.com and we will help your business with all cybersecurity needs.