This Site Requires JavaScript Enabled.
Action Required!
Please select your Toolkit from the left sidebar.

Standards

This section is for cybersecurity geeks, and you do not need to read it to implement the toolkit. The GCA Cybersecurity Toolkit for Small Business is based on the first 10 of the CIS Controls, meaning that the toolkit is based on a set of widely recognized steps that organizations should take to improve their security.  The information below shows how the tools included in the GCA Cybersecurity Toolkit relate to and implement these CIS Controls. In addition, we have mapped the tools to national recommendations in the United Kingdom and Australia.  This may help you understand what else you should consider doing to align with the recommendations of your government.
The information below shows how the tools included in the GCA Cybersecurity Toolkit relate to and implement these CIS Controls. In addition, we have mapped the tools to national recommendations in the United Kingdom and Australia.  This may help you understand what else you should consider doing to align with the recommendations of your government.
Toolbox CategoryCIS Controls
version 8.0
NIST CSF version 1.1UK Cyber EssentialsAUS Mitigation Strategies
Know What You Have1, 2DE.CM-7, ID.AM-1, ID.AM-2, PR.AC-1, PR.AC-6, PR.DS-3, PR.DS-6
Update Your Defenses3, 5DE.CM-8, ID.RA-1, ID.RA-5, PR.IP-12, RS.MI-3Secure Configuration
User Access Control
Security Update Management
Patch Operating Systems

Patch Applications

Beyond Simple Passwords5, 6DE.CM-7, PR.AC-1, PR.AC-4, PR.AC-7, PR.PT-3User Access ControlMulti-Factor Authentication

Restrict Administrative Privileges

Prevent Phishing and Malware9, 10DE.CM-1, DE.CM-7, PR.IP-1, PR.PT-2Firewalls

Malware Protection

Application Control
Patch Applications
Configure Microsoft Office Macro Settings
User Application Hardening
Backup and Recover11PR.DS-1, PR.DS-6, PR.IP-4, PR.PT-5,Regular Backups
Protect Your Email and Reputation9DE.CM-1, DE.CM-4, DE.CM-7, PR.IP-1