Skip to content

Cybersecurity: Industry Best Practices & Resources

Achieving a secure state for your IT environment takes time, investment, collaboration and resources.

Cybersecurity is essential for today’s connected world. Every facility can become the target of a cyberattack – businesses, factories, banks, institutions, homes and even infrastructure such as electricity transmission grids. Cyberattacks are typically aimed at accessing, changing or destroying sensitive information; extorting money from people; or interrupting normal business processes.

This portal features best practices and actionable steps that your organization can take to establish safety protocols to keep data and systems safe. The cost of inaction can be substantial


Cybersecurity Action Plan

EFC’s Cybersecurity Best Practices and Cybersecurity Measures of Success task groups, comprising IT experts from our industry, have developed resources to help steer your company’s cybersecurity priorities and investments.

Resources for Executives

Understand the types of cybersecurity threats, business impacts, priorities and investment requirements.

Resources for IT Professionals

Mobilize / enhance cybersecurity practices by establishing a shared vision with executives, setting priorities and employing risk assessment methods.

CIS Controls Worksheet
Exclusive – EFC members only

Nine Pillars of Cybersecurity

An effective cybersecurity strategy involves multiple touchpoints and security measures to ensure assets are secure from malicious threats and attacks. Here are nine core areas that should be incorporated into a cybersecurity action plan:

Nine Pillars of Control

CIS Controls®

The Center for Internet Security (CIS) has developed a set of 18 globally-recognized CIS Controls to help businesses mitigate cyber-attacks on systems and networks. The CIS Controls include multiple legal, regulatory and policy frameworks to help organizations prioritize practices based on resource capacity, budget and scale.

Learn More

Disclaimer: This portal has been developed for EFC members and respective customers and partners and is for informational purposes only. EFC, nor any members involved in resource development, make any warranty—expressed or implied—or assume any legal liability or responsibility for any loss or damages.