Preparing for ORC 9.64

Cybersecurity Planning: Preparing for ORC 9.64

1. Watch OPLIN’s Webinar Security Planning from Scratch. 
   A library-focused introduction to the new requirements, cybersecurity concepts, and tools to assist.
    
2. Sign up for the Cyber Frontline First Aid Kit.
   A self-paced introduction to security terms and essential action items to implement before enrolling in the whole organization cybersecurity training program Ohio Persistent Cyber Improvement (O-PCI).
    
3. Update backup procedures and document critical accounts.
   Document your library's critical business accounts and data, and make secure backups of your data, credentials, and contacts. Keep paper copies of your incident response plan and critical contacts.
    
4. Ready to start planning? Use a Cybersecurity Framework to help you prioritize.
   1. NIST CSF 2.0 Quick Start Guide
      Use the concepts Govern, Identify, Protect, Detect, Respond, and Recover to design a security plan that fits your library’s resources, risks, and budget.
   2. CIS 18 Controls
      Organized like a "Dewey Decimal" of critical security controls to safeguard your organization's data and assets from security threats. 
       
5. List existing security controls and identify areas of need.
   1. Work with your IT provider to list the security controls your library already has in place, then compare your existing controls with a Framework to identify areas that need additional safeguards.
   2. CIS Security Controls Self-Assessment Tool lets you and your IT team track your controls in a private dashboard. 
       
6. Review, revise, and repeat over time to build your library’s security readiness.
   Your security plan must change with your library's needs, resources, and personnel. Review and update the plan frequently, rehearse response and recovery steps with key team members, and mature your security preparedness over time.
    

Ready for more resources? Visit https://oplin.ohio.gov/security.