Pub 1 2021 Issue 4

August 2021 | 31 stricter set of security requirements, in addition to the accessing and processing of shared resources (such as that of data sets). 5. Establishment of Greater Oversight: In this regard, a National Cybersecurity Safety Review Board will be established, made up of individuals from both the public and private sectors. The intention is to have the ability to investigate major security breaches, and it is expected to function much like the National Transportation Safety Board (NTSB). 6. Establishment of a National Cyber Playbook: The use of playbooks is quite common with many Cybersecurity vendors and their clients. A playbook models the various threat vectors, the possible consequences of their impact and creates a set of rules and procedures to mitigate the risk of them impacting your business. But with this new executive order, one of the primary goals is to establish a national Cyber Playbook framework. Any public or private entity can modify, adopt and use for its security environment. 7. A Quicker Response to Detection/Response and Investigation/Remediation: In this regard, the emphasis is on endpoint security. For the longest time, both public and private enterprises were much more concerned about protecting network communications lines. Not much attention was paid to the points of origination and destination of these flows. As a result, cyber attackers took complete advantage and looked at these endpoints to deploy their malicious payloads and move laterally. There will now be much greater emphasis placed on this by the federal government requiring businesses to adopt and implement newer security technologies. The newly signed executive order requires federal agencies and departments to “up their game” in keeping up with technology, applying strong security standards and policy controls, and most of all, knowing what activity is happening on their networks. Fortunately, even small businesses can access enterprise-level tools to manage, report and react to cyber threats. Overall, the new broad executive order is a significant first step, but the critical question remains how quickly these measures will be implemented. Brandon Wales, acting director of the Cybersecurity and Infrastructure Agency, put it best when he said, “It won’t be easy, smooth or cheap, but the cost of not doing anything is simply too high.” There is no time to lose as threat variants become more sophisticated each and every day. Learn more about our cybersecurity services (https://www.resultstechnology.com/ industries/community-bank/cybersecurity-and-network- security/) and how we help organizations implement best pra ctices and cybersecurity frameworks. ■ Mike Gilmore is the Chief Compliance Officer of RESULTS Technology and a Certified Information Systems Auditor (CISA) with more than 30 years of experience in the banking industry. RESULTS Technology provides IT services to community banks across the Midwest. As CCO, Mike provides compliance and risk assessments, audit and exam support, and policy documentation. He can be reached at info@resultstechnology.com. RESULTS Technology is an award-winning provider of IT security and compliance services to community banks nationwide. RESULTS has been ranked as the top IT services provider in Kansas for the financial services market for the past five years. RESULTS offers a complete managed compliance program for Community Banks and has recently developed a cybersecurity tool that specifically addresses the needs of Community Banks. You can contact RESULTS at info@resultstechnology.com .