This Site Requires JavaScript Enabled.
Action Required!
Please select your Toolkit from the left sidebar.
Action Required!
Please select your Toolkit.

Standards

This section is for cybersecurity geeks, and you do not need to read it to implement the toolkit. The GCA Cybersecurity Toolkit for Small Business is based on the first 10 of the CIS Controls, meaning that the toolkit is based on a set of widely recognized steps that organizations should take to improve their security.  The information below shows how the tools included in the GCA Cybersecurity Toolkit relate to and implement these CIS Controls. In addition, we have mapped the tools to national recommendations in the United Kingdom and Australia.  This may help you understand what else you should consider doing to align with the recommendations of your government.
The information below shows how the tools included in the GCA Cybersecurity Toolkit relate to and implement these CIS Controls. In addition, we have mapped the tools to national recommendations in the United Kingdom and Australia.  This may help you understand what else you should consider doing to align with the recommendations of your government.
Toolbox CategoryCIS ControlsNIST CSF version 1.1UK Cyber EssentialsAUS Mitigation Strategies
Know What You Have1, 2
DE.CM-7, ID.AM-1, ID.AM-2, PR.AC-1, PR.AC-6, PR.DS-3, PR.DS-6
Update Your Defenses3, 5DE.CM-8, ID.RA-1, ID.RA-5, PR.IP-12, RS.MI-32, 3, 5
  • Patch Applications
  • Patch Operating Systems
  • User Application Hardenning
  • Patch Applications
  • Patch Applications
  • Patch Applications
  • Patch Applications
Beyond Simple Passwords4DE.CM-7, PR.AC-1, PR.AC-4, PR.AC-7, PR.PT-33
  • Two Factor Authentication
Prevent Phishing and Malware7, 8DE.CM-1, DE.CM-7, PR.IP-1, PR.PT-21, 4
  • Web content filtering
  • Antivirus software using heuristics and reputation ratings
  • Antivirus software with up-to-date signatures
  • Software-based application firewall, blocking incoming network traffic
Backup and Recover10PR.DS-1, PR.DS-6, PR.IP-4, PR.PT-5,
  • Daily Backups
Protect Your Email and Reputation7DE.CM-1, DE.CM-4, DE.CM-7, PR.IP-1
  • Block spoofed emails