What's this about?

As of July 1st, Iowa became the fourth state to incentivize information security best practices, establishing a baseline standard for cybersecurity aligned with the NIST framework.

Governor Kim Reynolds recently signed into law House File 553, known as “An Act Relating to Affirmative Defenses for Entities Using Cybersecurity Programs.” The primary objective of House File 553 is to encourage small businesses to voluntarily adopt recognized cybersecurity best practices, establishing a solid foundation for cybersecurity. This initiative marks a crucial first step in establishing a standard for cybersecurity while also providing potential liability protection for organizations.

According to CIS, an Iowa business that adopts one of these frameworks can potentially mitigate:

  • 86% of all attack Techniques found in the MITRE ATT&CK Framework
  • 92% of ransomware ATT&CK Techniques
  • 95% of targeted intrusion techniques
  • 98% of instances of web-application hacking techniques.

By adopting one of the frameworks outlined in the bill text, Iowa businesses can significantly reduce their vulnerability to various cyber attacks. This reduction in vulnerability can lead to an improved cybersecurity strategy and minimize the risk of data breaches or financial losses. Additionally, by implementing these security programs, organizations can demonstrate their commitment to safeguarding sensitive information and protecting their customers' trust. 

Next Steps

ACS has over 40 years of experience in providing holistic technology solutions to businesses in Iowa and nationwide. Get in touch with us today and let our experts answer your questions and help navigate your business through the ever-changing cybersecurity landscape.

Get in Touch