Business Domain Specific Least Cybersecurity Controls Implementation (BDSLCCI) Certification Guide
BDSLCCI is a step-wise and business-priority-specific cybersecurity framework for any small and medium-sized business. Here is how it can benefit your business.
On this occasion, let SecureClaw explain the Business Domain Specific Least Cybersecurity Controls Implementation (BDSLCCI), which is a stepwise and business priority-specific cybersecurity framework more suitable for small and medium enterprises or businesses (SMEs or SMBs). This article will consider SMB as one term for both SME and SMB.
Below is a high-level history since the BDSLCCI origin.
• 1) SMBs are lagging with cybersecurity implementation. One out of two SMBs is facing cyber-attacks; 46% of cyber-attacks are directed at small businesses, and small businesses that are undergoing successful cyber-attacks - 60% of them shut down within 6 months of it. It is a really terrifying statistic that is harmful to the global economy, as SMBs are the largest contributors to GDP and employment opportunities worldwide.
• 2) According research studies by Dr. Shekhar Pawar who is founder and CEO of SecureClaw Inc., and doctorate with BDSLCCI as research topic from SSBM Geneva, Switzerland - where the top management of SMB companies from 19 different counties participated. It was evident that there are three major problems faced by those companies.
(a) Small and medium-sized companies are not having enough funds or allocated budget for the implementation of hundreds of controls mandated by existing cybersecurity standards.
(b) These companies do not have skilled teammates or other resources to implement and maintain cybersecurity controls.
(c) Top management is not able to see the return on investment (RoI) for cybersecurity implementation, as the top priorities of such companies are not directly aligned with the recommended controls by existing cybersecurity standards or frameworks.
• 3) Further research found that each SMB has a different business domain and a different mission-critical asset (MCA). MCAs in the age of technology are primarily important data, information, or essential infrastructures that manage them. Each SMB's differences are mostly based on their business sector. The asset that has the maximum value, the highest risks, and a big impact on the SMB’s core business can be treated as an MCA. For example, MCA in the industry that deals with healthcare can be Electronic Medical Record (EMR) software; in the Banking, Financial Services, and Insurance (BSFI) industry, it will be a net-banking transaction or financial records kind of web portal; in the e-commerce sector, it will be a shopping web and mobile app online presence; for the innovative manufacturing industry, product design ideas, methodology, and research material might be a more valuable asset than anything else, and so on. Most of the time, MCA is information related.
• 4) Also, each MCA has a different weight for confidentiality, integrity, and availability.
• 5) Research studies also understood the SMBs need minimum cybersecurity controls defined for their business domain.
• 6) Defense in Depth (DiD), also known as the "Security in Depth" strategy, is a conceptual model that addresses the areas of people, process, and technology by defining standards and best practices for protecting various layers of the organization. BDSLCCI is designed to provide recommendations for implementing key DiD controls in parallel with MCA.
• 7) The BDSLCCI framework is designed by Dr. Pawar to provide stepwise cybersecurity implementation.
What are the deliverables of BDSLCCI that can help SMB gain more trust in the market and more business opportunities as a cybersecure vendor in the supply chain?
Once SMB successfully implements BDSLCCI and passes the assessment criteria for a particular level of it, there are 3 deliverables it receives.
• 1) BDSLCCI Certificate: This certificate is awarded to SMBs who have successfully achieved the level of BDSLCCI. SMB can display such a certificate on their social media or website presence to gain more trust in the market.
• 2) BDSLCCI Transcript: This is a kind of score sheet explaining BDSLCCI controls implemented out of controls recommended by BDSLCCI. It gives more information than just the BDSLCCI certificate.
• 3) BDSLCCI Web Analytics Report: It is a web page showing various graphs and information, explaining the coverage and effectiveness of the cybersecurity controls. There is a functional facility to share this web analytics report in a secure manner with customers or other stakeholders. It helps recipients gain more confidence while working or outsourcing business to that particular BDSLCCI SMB.
Which are the different ways SMB can avail of BDSLCCI certification?
There are multiple ways to get BDSLCCI certification.
• 1) SMB can self-assist by directly registering itself on the BDSLCCI web portal. The BDSLCCI web portal provides secured access to various data points and guidance provided by the logic of the BDSLCCI framework. Once SMB implements the required controls recommended by BDSLCCI, it can apply for an online assessment by submitting evidence. In this case, assessments will be done by auditors of BDSLCCI, which is part of SecureClaw.
• 2) SMB can identify a BDSLCCI member company, which is a certification body of BDSLCCI, authorized to provide BDSLCCI certificates as one of its services. Generally, these member companies will provide consulting and other assistance to SMB, making the BDSLCCI certification journey easier. In this case, the final BDSLCCI certification and transcript will be issued by this BDSLCCI member company.
• 3) SMB can even hire BDSLCCI-authorized freelancers who can assist them in their BDSLCCI certification journey where, the final BDSLCCI certification and transcript will be issued by SecureClaw.
How many stages are there in BDSLCCI Certification?
The BDSLCCI offers certifications and assessments at three different levels. SMB moves ahead with MCA or DiD implementation in these three levels based on how many recommended controls are implemented in ascending order of BDSLCCI recommendations.
On the incremental order of control implementation, SMB can be more cybersecure while reaching BDSLCCI Level-3.
Dr. Shekhar Pawar
SecureClaw Inc.
+1 218-718-2121
email us here
Visit us on social media:
Facebook
Twitter
LinkedIn
YouTube
Other
Business Domain Specific Least Cybersecurity Controls Implementation (BDSLCCI) Framework for SME / SMB companies | Information Video Prepared by SecureClaw Inc.
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.