Request Demo

NIST Cybersecurity Framework

Small to Mid Sized Businesses: How to Consider the NIST Framework

down-arrow

As a small business owner, you might feel like your organization is less of a target for a cyber attack than the larger corporations in your industry. However, the importance of investing in the protection of your information both physically and digitally is important more now than ever for small businesses. 

At any size, a company’s bottom line is severely effected by the success of its cybersecurity risk management initiatives. Attacks that cause widespread damage across an organization result in increased costs to recover and impact its ability to generate revenue. Small businesses are attacked about four thousand times per day, making up 62% of all cyber attacks according to IBM. The U.S. National Cybersecurity Alliance says that the cost of cleaning up after an attack for a small to mid-sized business can range from $690,000 to over $1 million. Cybersecurity data breaches result in damage and destruction of data, lost productivity, forensic investigation, and business course disruption among others. Global ransomware damage costs are projected to exceed $5 billion in 2017, which is no surprise considering the $1 billion in damages caused by WannaCry within a four day period. It is clear that the processes by which organizations are managing their cybersecurity posture is not enough. The National Institute for Standards and Technology’s framework is a set of guidelines that attempts to solve this problem of internal cybersecurity management, and is a guide for businesses of all sizes across almost all industries to build upon.

NIST states “Because small businesses typically don’t have the resources to invest in information security the way larger businesses can, many cyber criminals view them as soft targets”. To a small business, a strong cybersecurity program is often seen as a task too difficult because of the resource requirements. These businesses are encouraged to think about how to use their resources efficiently. The benefits greatly exceed the cost, as adopting a strong program and creating a business process will help gain and retain customers - especially in light of publicized cybersecurity attacks, as customers expect sensitive information to be protected from compromise.

The NIST Framework is truly applicable to small businesses as a jumping off point to establish their cybersecurity posture. It’s a guideline for businesses to update their risk management approach, as many U.S. organizations across sizes and industries already leverage some type of security framework. Small business leaders should take the initiative to seek more proactive strategies to secure their company's information.

Want advice on how to implement the NIST CSF in your business? OR have questions on how to use your resources now? Contact us for a free consultation: info@cybersaint.io

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption

You may also like

Contextualize Quantified Cyber ...
on April 11, 2019

Now more than ever, CISO’s are being tasked with delivering hard metrics around an enterprise’s technology and digital risk. While this is nothing new for seasoned IT ...

NYDFS Implementation Grace Period ...
on April 9, 2019

Following the Equifax breach and growing concerns about the posture of the financial industry, New York State Department of Financial Services (NYDFS) released the initial ...

CEO's - Do You Know Where That ...
on April 5, 2019

It is no secret that cybersecurity has mystified many members of the C-suite since the function was introduced. With headlines dominated by breaches and hearings of information ...

Jerry Layden
Carbon Black Report Indicates ...
on April 2, 2019

In their third Global Incident Response Threat Report our Massachusetts neighbor, Carbon Black, illustrates not only the top industries for cyber attack but a deeply concerning ...

Legacy GRC And The Sunk Cost ...
on March 28, 2019

Last month, we covered how legacy GRC products and new integrated risk management (IRM) solutions can co-exist and in fact compliment each other. That said, in order for them to ...

Alison Furneaux
What To Expect From The Imminent ...
on April 6, 2019

While the NIST Privacy Framework may be the headliner for the most anticipated new publication from the National Institute of Standards and Technology, there are two imminent ...