Tailoring the Cybersecurity Message for Small Orgs, Residents

There’s plenty of cybersecurity advice swirling about — perhaps too much. Organizations can get easily overwhelmed by all the different advice and regulatory frameworks, leaving them at a loss as to where to start their improvement efforts, said Phyllis Lee, senior director of Controls at the Center for Internet Security (CIS).

There’s an element of realism and practicality that needs to be part of these conversations:

“In the real world, we know that almost no organizations are actually patching every single vulnerability everywhere in the environment,” said Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA).