Resources for Small and Midsize Businesses (SMB)
Cybersecurity is critical to any business enterprise, no matter how small. However, leaders of small and midsize businesses (SMB) often do not know where to begin, given the scope and complexity of the issue in the face of a small staff and limited resources.
To help business leaders get started, DHS has provided a list of top resources specially designed to help SMBs recognize and address their cybersecurity risks.
C³ Voluntary Program SMB Toolkit
This packet contains resources specially designed to help SMBs recognize and address their cybersecurity risks. Resources include talking points for CEOs, steps to start evaluating your cybersecurity program, and a list of hands-on resources available to SMB.
The Stop.Think.Connect.™ campaign has an online Toolkit that includes information specific to SMBs. The Toolkit can be found at http://www.dhs.gov/stopthinkconnect-toolkit or www.stcguide.com .
Small Business Administration (SBA) Training
This 30 minute, self-paced training exercise provides an introduction to securing information in small businesses. For more information, please visit: https://www.sba.gov/tools/sba-learning-center/training/cybersecurity-small-businesses .
Federal Small Biz Cyber Planner
This tool helps businesses create custom cybersecurity plans. The Small Biz Cyber Planner includes information on cyber insurance, advanced spyware, and how to install protective software. For more information, please visit http://www.fcc.gov/cyberplanner .
Small Business, Big Threat
This online assessment tool, developed by the Michigan Small Business Development Center (SBDC), assists small and medium businesses in evaluating the cyber risks they face. At the conclusion of the 30 minute assessment, participants receive a risk assessment report and can choose from a variety of resources to engage with, including in-depth trainings, webinars, best practices, and industry articles on small business cyber security. Learn more and take the assessment at www.smallbusinessbigthreat.com .
Internet Essentials for Business 2.0
This guide for business owners, managers, and employees focuses on identifying common online risks, best practices for securing networks and information, and what to do when a cyber incident occurs. For more information, please visit: https://www.uschamber.com/internet-security-essentials-business-20 .
NACD Cyber-Risk Oversight Handbook
The National Association of Corporate Directors (NACD), in conjunction with AIG and the Internet Security Alliance, has identified five steps all leadership and management teams should consider as they seek to enhance their oversight of cyber risks. The NACD Cyber-Risk Oversight Handbook can be found here: http://www.nacdonline.org/cyber .
White Paper: Every Small Business Should Use the NIST Cybersecurity Framework
This white paper from eManagement can help SMBs understand and use the National Institute of Standards and Technology (NIST) Cybersecurity Framework. It provides cybersecurity tips for SMBs aligned to the Framework’s core functions: Identify, Protect, Detect, Respond, and Recover. The white paper can be found here .
Geographically Specific Resources
This collection of cyber resources from various levels of government can help small and midsize businesses recognize and address their cyber risks. Access geographically-specific resources here .