Information Security for Small Businesses

Hackers are targeting smaller, less secure businesses. These small companies need to understand the security risks and be prepared to protect their systems and information.

The National Institute of Standards and Technology (NIST) recently published Small Business Information Security: The Fundamentals. It provides a framework to minimize security risks.

The NIST guide contains the following sections:

1. Background: What is Information Security and Cybersecurity?
2. Understanding and Managing Your Risks
2.1 Elements of Risk
2.2 Managing Your Risks
2.3 When You Need Help
3. Safeguarding Your Information
3.1 Identify
3.2 Protect
3.3 Detect
3.4 Respond
3.5 Recover
4. Working Safely and Securely

Appendices:
A. Glossary and List of Acronyms
B. References
C. About the “Framework for Improving Critical Infrastructure Cybersecurity”
D. Worksheets
E. Sample policy and Procedure Statements

The NIST guide is available for free at this web page.