The UMPI Cybersecurity Framework is divided into 4 Stages. Each stage is expanded into a checklist of controls to implement. Some controls build off of each other, but the controls don't necessarily need to be implemented in order. This framework is designed to be implemented at the discretion of its users, understanding that many small businesses and organizations don't have a large staff or a set budget for technology.
Stage #1 is to Identify & Document the technology landscape of your organization. This entails tasks such as inventorying assets, mapping out the design of your local network, and performing basic cybersecurity scans to gain additional context.
Stage #2 is to Plan how you will implement new cybersecurity measures into your environment. This stage will require reviewing factors like the location of your facilities and the physical topology of your network. There is also a significant focus on the creation of cybersecurity policies, which will help get you, your employees, and even your customers on the same page.
Stage #3 is where you Implement new cybersecurity measures. This is the longest and probably the most difficult stage, as it does require significant trial and error. With careful preparation, anybody can implement the cybersecurity measures listed in this stage. However, if you feel you do not have the time or skills to dedicate to the tasks yourself, it is best to look into either hiring a contractor or tasking the work to various individuals and groups within your organization.
Stage #4 is where you Educate your workplace about new and improved cybersecurity measures and best practices for workplace operations. This stage also requires you to regularly Test your implemented security measures to ensure their functionality and effectiveness.
To begin your journey in improving the cybersecurity of your organization, click on any of the Stages.