www.vermont.gov
Proactive cybersecurity monitoring will save money and reputational capital if your
organization finds itself the victim of a cyber-incident. According to Forbes, costs averaged
$3.86 million per breach in 2018. The costs typically include legal, forensics, breach
notification, and fines by regulators if you are found negligent.
Vermont businesses have worked very hard developing their intellectual property. We are
very proud to have organizations that hold patents and trade secrets that they use to develop
their products and grow their business. For this reason, Cyber Resilience has become a
critical business capability that employs cybersecurity controls and procedures to protect
intellectual property and sustains a business’s ability to operate.
Privacy violations may involve the loss of regulated data, such as health or personally
identifiable information. Such information must always be secured. When an organization
possesses personally identifiable information, they must understand that they have been
entrusted with one of the most precious assets of our citizens –
their personal information
.
That position of “trust” requires, and even demands, the implementation of appropriate Cyber
Resilience measures. Data, and information created from that data is essentially the life blood
of government and business. It must be properly managed and protected. When that data
and information constitutes personally identifiable information there is a higher order of
responsibility and accountability for protecting it.
CYBER COMMUNICATION (NIST CSF- Identify)
Expand Vermont’s communication, coordination, and awareness between entities such as
state and local government agencies, businesses, and citizens to improve understanding of
risk.
Cybersecurity today is a team sport with private sector, government, and law enforcement
sharing information and working together to defend, respond, and recover. Responding to
this challenge is the development of Cybersecurity Information Sharing activities. Federal
statute creates an environment where diverse institutions can share best practices,
understand the threats, and prepare to respond and recover. An Information Sharing and