Request Demo

NIST Cybersecurity Framework

Small to Mid Sized Businesses: How to Consider the NIST Framework

down-arrow

As a small business owner, you might feel like your organization is less of a target for a cyber attack than the larger corporations in your industry. However, the importance of investing in the protection of your information both physically and digitally is important more now than ever for small businesses. 

At any size, a company’s bottom line is severely effected by the success of its cybersecurity risk management initiatives. Attacks that cause widespread damage across an organization result in increased costs to recover and impact its ability to generate revenue. Small businesses are attacked about four thousand times per day, making up 62% of all cyber attacks according to IBM. The U.S. National Cybersecurity Alliance says that the cost of cleaning up after an attack for a small to mid-sized business can range from $690,000 to over $1 million. Cybersecurity data breaches result in damage and destruction of data, lost productivity, forensic investigation, and business course disruption among others. Global ransomware damage costs are projected to exceed $5 billion in 2017, which is no surprise considering the $1 billion in damages caused by WannaCry within a four day period. It is clear that the processes by which organizations are managing their cybersecurity posture is not enough. The National Institute for Standards and Technology’s framework is a set of guidelines that attempts to solve this problem of internal cybersecurity management, and is a guide for businesses of all sizes across almost all industries to build upon.

NIST states “Because small businesses typically don’t have the resources to invest in information security the way larger businesses can, many cyber criminals view them as soft targets”. To a small business, a strong cybersecurity program is often seen as a task too difficult because of the resource requirements. These businesses are encouraged to think about how to use their resources efficiently. The benefits greatly exceed the cost, as adopting a strong program and creating a business process will help gain and retain customers - especially in light of publicized cybersecurity attacks, as customers expect sensitive information to be protected from compromise.

The NIST Framework is truly applicable to small businesses as a jumping off point to establish their cybersecurity posture. It’s a guideline for businesses to update their risk management approach, as many U.S. organizations across sizes and industries already leverage some type of security framework. Small business leaders should take the initiative to seek more proactive strategies to secure their company's information.

Want advice on how to implement the NIST CSF in your business? OR have questions on how to use your resources now? Contact us for a free consultation: info@cybersaint.io

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption

You may also like

The Cybersecurity Skills Gap: The ...
on February 7, 2019

The cybersecurity skills gap is nothing new to the seasoned cyber professional. It has been widely discussed in cyber and information security circles for some time. The main flag ...

George Wrenn
The Post-Digitization CISO
on February 5, 2019

Information leaders in digital businesses, whether focusing on optimization or a full transformation, are inherently altering their position among the executive leadership. As ...

Integrated Risk Management and ...
on January 31, 2019

With technology permeating every aspect of a business, one begins to wonder what technology is reserved for digital risk management rather than the other facets of integrated risk ...

Department of Defense Launches ...
on January 29, 2019

The Defense Federal Acquisition Regulation Supplement (DFARS) mandate, specifically Clause 252.204-7012 requiring all members of the Department of Defense’s supply chain to comply ...

Digital Risk Management Frameworks
on January 24, 2019

As organizations continue to embrace digitization, security teams are faced with the challenge of keeping the enterprise secure while empowering growth and innovation. Many CISO’s ...

The Cybersecurity Impact Of The ...
on January 23, 2019

There has been a great deal of speculation around the cybersecurity posture of the nation in light of the most recent (and longest documented) government shutdown. I’ve seen two ...

George Wrenn