NEWS from NIST! The Small Business Cybersecurity Corner Website is now Live

SMALL BUSINESS CYBERSECURITY CORNER

NIST_CYBER_CORNER

The vast majority of smaller businesses rely on information technology to run their businesses and to store, process, and transmit information. Protecting this information from unauthorized disclosure, modification, use, or deletion is essential for those companies  and their customers.

With limited resources and budgets, these companies need cybersecurity guidance, solutions, and training that is practical, actionable, and enables them to cost-effectively address and manage their cybersecurity risks. This NIST Small Business Cybersecurity Corner puts these key resources in one place.

Congress has given NIST responsibility to disseminate consistent, clear, concise, and actionable resources to small businesses. All resources are free and draw from information produced by federal agencies, including NIST and several primary contributors, as well non-profit organizations and several for-profit companies. These resources will be updated and expanded regularly.

The website does not provide operational assistance to individual companies, but it does list federal agency and some non-profit contacts that can offer that assistance. Small businesses should immediately report any threats and incidents to the FBI’s Internet Crime Complaint Center (IC3).

Cybersecurity Basics

In this section, you will find introductory information about cybersecurity, cybersecurity-related risks, and the importance of taking appropriate steps to secure your business.

CYBERSECURITY RISKS

Resources that provide overviews of cybersecurity risks and threats to your business and how to manage those risks

FOR MANAGERS

Resources for small business owners and leaders that convey the business value of strong cybersecurity

Communicating with the Board About Cybersecurity: Making the Business Case – provides guidelines for effective board-level communication about cybersecurity matters
National Cyber Security Alliance and National Association of Corporate Directors 

Questions Every CEO Should Ask About Cyber Risks – a guide for CEOs on how to discuss cybersecurity risk management topics with their leadership and implement cybersecurity best practices
Department of Homeland Security

Workforce Management Guidebook: Cybersecurity is Everyone’s Job – provides things to know, and things to do, for everyone in an organization, regardless of its type or size. It is intended for the general audience, which may not otherwise be knowledgeable about, or interested in, cybersecurity.
NICE Working Group

Cybersecurity Workforce Development – The FCC’s Communications Security, Reliability and Interoperability Council’s report on cybersecurity workforce recommendations.
Federal Communications Commission

Planning Guides

PLANNING TOOLS & WORKBOOKS

Guides, online tools, and workbooks to help you evaluate your business’ current approach to cybersecurity and plan for improvements

Cybersecurity Resources Roadmap – helps small and midsize businesses select the most useful cybersecurity resources based on needs
Department of Homeland Security

Cyber Insurance – tips on choosing a cyber insurance policy
Federal Trade Commission

FCC Cyber Planner – The Small Biz Cyber Planner 2.0 is an online resource to help small businesses create customized cybersecurity plans.
Federal Communications Commission

NIST CYBERSECURITY FRAMEWORK

Widely used approach to help determine and address highest priority risks to your business, including standards, guidelines, and best practices

NIST Cybersecurity Framework – links to the framework itself and other resources to help you apply it to your business
National Institute of Standards and Technology

Understanding the NIST Cybersecurity Framework – overview of the framework and how to put it to work in your business
Federal Trade Commission

Cybersecurity Risk Management – The FCC’s Communications Security, Reliability and Interoperability Council’s report on cybersecurity risk management and best practices.
Federal Communications Commission

Cybersecurity Framework for Small Manufacturers

Cybersecurity Framework Steps for Small Manufacturers – helps small manufacturers understand the NIST Cybersecurity Framework and how it can be used to manage their cyber risks. Note: You will be prompted to provide why you need access to the item.
Manufacturing Extension Partnership

NIST Manufacturing Profile – NISTIR 8183 – provides the Cybersecurity Framework (CSF) implementation details developed for the manufacturing environment including a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices
Manufacturing Extension Partnership

 

Guidance by Topic

In this section, you will find topic-specific guidance on actions to take to address cybersecurity risks and secure your business.

ALL-PURPOSE GUIDES

Guidance that covers multiple cybersecurity topics

Cybersecurity Basics – basic tips for securing your business
Federal Trade Commission

Lock Down Your Login – simple steps to gain peace of mind and more control over your online security
National Cyber Security Alliance

Start with Security: A Guide for Business – lessons learned from Federal Trade Commission cases that touch on vulnerabilities that could affect your company, along with practical guidance on how to reduce the risks they pose
Federal Trade Commission

Interactive Infographic: How Secure is Your Factory Floor? –  geared towards small manufacturers; provides a virtual tour of potential cyber vulnerabilities on a shop floor.
Manufacturing Extension Partnership

Good Security Habits – general tips for protecting your business electronic devices from unwanted remote access
Department of Homeland Security

Information Security for Small Business: The Fundamentals – NISTIR 7621– provides guidance on how small business can provide basic security for their information, systems, and networks
Manufacturing Extension Partnership

Small Business Cybersecurity “Quick Wins” – covers “quick wins” small businesses can implement now to better secure their sensitive data
National Cyber Security Alliance

GCA Cybersecurity Toolkit for Small Business – assess your security posture, implement free tools, find practical tips, and use free resources and guides to improve your company’s cybersecurity readiness and response
Global Cyber Alliance

FCC Cyber Tip Sheet – Ten key cybersecurity tips to protect your small business.
Federal Communications Commission

CHOOSING A VENDOR/SERVICE PROVIDER

Tips for choosing hardware and software vendors and service providers

Vendor security – tips to make sure business vendors with access to your sensitive business information are securing their own computers and networks
Federal Trade Commission

Hiring a Webhost – what to look for when hiring a webhost provider
Federal Trade Commission

COMPLIANCE

Guidance to help your business comply with Federal government security requirements

DFARS Cybersecurity Requirements – Information for Department of Defense (DoD) contractors that process, store or transmit Controlled Unclassified Information (CUI) who must meet the Defense Federal Acquisition Regulation Supplement (DFAR). DFAR provides a set of basic security controls.
Manufacturing Extension Partnership

NIST Handbook 162 – provides a step-by-step guide to assess a manufacturer’s information systems against the security requirement in NIST SP 800-171 rev 1.
National Institute of Standards and Technology

NIST SP 800-171 – provides requirements for protecting the confidentiality of CUI.
National Institute of Standards and Technology

DEVELOPING SECURE PRODUCTS

Tips to help you develop secure software or hardware products

Careful Connections: Building Security in the Internet of Things – advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings
Federal Trade Commission

EMPLOYEE AWARENESS

Aids and materials to raise your employees’ awareness about the importance of security

The Cybersecurity Awareness Toolkit – resources to help launch your own cybersecurity awareness program
National Cyber Security Alliance, Better Business Bureau, Facebook, and MediaPRO

It’s Everyone’s Job to Ensure Online Safety at Work – infographic that can be used to remind employees of good security practices
National Cyber Security Alliance

Workforce Management Guidebook: Cybersecurity is Everyone’s Job – Provides things to know, and things to do, for everyone in an organization, regardless of its type or size. It is intended for the general audience, which may not otherwise be knowledgeable about, or interested in, cybersecurity.
NICE Working Group

Cybersecurity Workforce Development – The FCC’s Communications Security, Reliability and Interoperability Council’s report on cybersecurity workforce recommendations.
Federal Communications Commission

PROTECTING AGAINST SCAMS

Tips on dealing with tech support scams, business email scams, etc.

Business Email Imposters – an overview of business email imposter scams and tips for protecting your business
Federal Trade Commission

Tech Support Scams – what to do when you get a phone call, pop-up, or email telling you there’s a problem with your computer
Federal Trade Commission

SMB Alert: Beware of 2019 Tax Scams – provides an overview of common cyber scams targeting small and medium businesses during tax season and includes tips for better protecting data
National Cyber Security Alliance

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest

2 Responses

  1. Excellent beat ! I wish to apprentice at the same time as you amend your website, how could i subscribe for a blog web site?
    The account helped me a acceptable deal. I have been tiny bit familiar of this your broadcast offered vivid clear concept

Leave a Reply

Your email address will not be published. Required fields are marked *

BE IN THE KNOW

Join 7,592 other subscribers