Request Demo

NIST Cybersecurity Framework

NIST Says "Small Business Cybersecurity is Twice as Nice as Pumpkin Spice"

down-arrow

NIST's bloggers went full FALL during October's Cybersecurity Awareness Month as they wrote about the importance of Small Businesses Cybersecurity. The article titled "Small Business Cybersecurity is Twice as Nice as Pumpkin Spice" gives a breakdown of small business strategies to lower risk.

"It is important to note that criminals aren’t always looking to gain from their attacks. Some may attack your business for revenge, e.g., for firing them or somebody they know, or simply for the thrill of wreaking havoc. Similarly, not all cybersecurity events are caused by criminals. Natural events such as fires, floods or hurricanes can also severely damage IT systems. We have all seen the effects of the recent hurricanes in Texas, Florida and Puerto Rico. Would your business be able to recover from a similar storm?

The overall impact of a cybersecurity incident could include:

  • damage to information or information systems;
  • regulatory fines and penalties/legal fees;
  • decreased productivity;
  • loss of information critical to running your business;
  • damage to your reputation or loss of consumer confidence;
  • damage to your credit and inability to get loans from banks; or
  • loss of business income.

Unfortunately, small manufacturers often have more to lose simply because a cybersecurity event—a hacker, natural disaster or business resource loss—can be costly enough to drive them out of business altogether. Small businesses are often less prepared to handle these events than larger businesses, but because they generally have less complex operational needs, there are many steps a small business can take to protect itself.

National Cybersecurity Awareness Month can help you learn how to protect your business. While cybersecurity is continually in the news—hardly a day goes by without some breach or cyber event—we rarely hear about ways to prevent these incidents from occurring. THIS IS THE TIME to spread good security practices within your business. Awareness, training and education are fundamental tools for small businesses to use to protect their company information, assets, IT systems and reputation.

Cybersecurity in a small business doesn’t necessarily mean hiring an expert on staff or as a consultant. [CyberSaint has cybersecurity resources for manufacturers and small businesses]

Some basic cybersecurity topics that you may want to consider for awareness training for your employees include:

  • recognizing phishing attacks;
  • understanding the risks associated with the use of social media;
  • keeping your systems clean by installing patches and using the latest versions of software; and
  • avoiding public Wi-Fi when using mobile devices such as smartphones or tablets.

Having your employees understand these cybersecurity issues and how to address them in the workplace could potentially save your business. Your employees are your first line of defense in protecting your business against cyber-attacks.

October is a good time to enjoy a pumpkin spice latte—or cereal—if that’s your thing. But I hope you take at least a few moments to teach your employees to be more aware of the cybersecurity risks, threats and vulnerabilities to your small business. After all, ‘tis the season for your employees to learn how they can help prevent a cyber incident in the workplace."

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption


Interested in NIST's Cybersecurity Framework and how it could help your business? Register for our upcoming webinar on steps to simplify the NIST CSF. All registrants will receive a copy of the broadcast as well after the event.


You may also like

The Key To Turning Your Security ...
on December 11, 2018

It is often said, “if you don’t want something noticed, don’t talk about it”. This is true of a bad GPA, a stain on a carpet, or a project you might have missed a deadline for. ...

Solving The Cybersecurity Skills ...
on December 6, 2018

It is no shock to those in the cyber community that cybersecurity has become a board-level issue for many enterprises. A PwC survey showed a 20% increase in CEO’s concern over ...

The Next Wave Of Innovation For ...
on December 5, 2018

   The internet of things (IoT) is a force transforming the modern enterprise. Anything from robotics in warehouses to smart manufacturing to data center monitoring, the ...

The Corporate Compliance and ...
on December 4, 2018

Corporate compliance and oversight (CCO) is one of the main pillars to a strong integrated risk management (IRM) program and solution. Today, compliance leaders are faced with a ...

Securing the AI powered enterprise
on December 5, 2018

Machine learning and artificial intelligence (AI) has become the competitive differentiator of our time. By 2020, Gartner predicts that almost all new products to enter the market ...

4 Compliance And Risk Reports ...
on November 28, 2018

By 2020, 100% of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, which is an increase from today's ...

Alison Furneaux