The National Institute of Standards and Technology (NIST) last week released an essential guide to help SMEs protecting their data and information.
"Small Business Information Security: The Fundamentals" is written for small-business owners not experienced in cybersecurity and explains basic steps they can take to better protect their information systems.
Businesses of all sizes face potential risks when operating online, but SMEs are particularly targeted: lacking massive budgets and resources to allocate to cybersecurity, SMEs become an easy win for cyberattackers.
The new NIST publication walks users through a simple risk assessment to understand their vulnerabilities. Worksheets help them to identify the information they store and use, determine its value, and evaluate the risk to the business and customers if its confidentiality, integrity or availability were compromised.
The document is based on the agency’s Framework for Improving Critical Infrastructure Cybersecurity that was published in 2014 to provide standards and best practices from the federal government and industry.
Source: www.nist.gov