To make your experience with us as efficient and pleasant as possible, we have compiled the tools below for your reference and use.
The importance of cyber-security for small businesses
Small-business owners may think that they are too small to be victims of cyber hackers, but Pat Toth knows otherwise. Toth leads outreach efforts to small businesses on cyber-security at the National Institute of Standards and Technology (NIST) and understands the challenges these businesses face in protecting their data and systems.
“Businesses of all sizes face potential risks when operating online and therefore need to consider their cyber-security,” she said. “Small businesses may even be seen as easy targets to get into bigger businesses through the supply chain or payment portals.”
Toth is the lead author of NIST’s Small Business Information Security: The Fundamentals(link is external). The guide is written for small-business owners not experienced in cyber-security and explains basic steps they can take to better protect their information systems.
“Many small businesses think that cyber-security is too expensive or difficult; Small Business Information Security is designed for them,” Toth said. “In fact, they may have more to lose than a larger organization because cyber-security events can be costly and threaten their survival.” In fact, the National Cyber Security Alliance found that 60 percent of small companies close down(link is external) within the six months following a cyber-attack.
The new NIST publication walks users through a simple risk assessment to understand their vulnerabilities. Worksheets help them to identify the information they store and use, determine its value, and evaluate the risk to the business and customers if its confidentiality, integrity or availability were compromised.
The guide is based on NIST’s Framework for Improving Critical Infrastructure Cyber-security, which was issued in 2014 as part of efforts to protect the nation’s critical infrastructure. The framework’s processes and tools provide key standards and best practices developed over decades by the federal government and industry. Its simple language allows organizations to better communicate, and its overall design helps them identify, assess and manage cyber-security risks.
Click here more information.