Cybersecurity Resources for Small Businesses

The SBIR/STTR Cybersecurity Due Diligence program is aligned to the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) Risk Management Framework. Both organizations offer valuable tools, guidelines and Cybersecurity (CS) best practices to assist small businesses to implement and maintain robust CS best practices. Additional CS resources are available as well. Below is a brief description of each publication, along with a link [to the publication]:

NIST and CISA Publications/Links:

• NIST has a useful publication that discusses the Fundamentals of Small Business Information Security: https://www.nist.gov/publications/fundamentals-small-business-information-security
• CISA has an excellent Cyber essentials guide aimed at small businesses: https://www.cisa.gov/resources-tools/resources/cyber-essentials 
• CISA Services Overview
• NIST Framework for Improving Critical Infrastructure Cybersecurity
• NIST Small Business Information Security: The Fundamentals
• NIST Cybersecurity Framework Small Business Quick Start Guide

Additional Resources:

• The Global Cybersecurity Alliance (GCA) provides free and effective tools that small business can use to take action to reduce cyber risk: https://gcatoolkit.org
• The main Federal SBIR website, https://www.sbir.gov offers a lot of information and training
• The Federal Trade Commission has a good reference page dedicated to small businesses and CS https://www.ftc.gov/business-guidance/small-businesses/cybersecurity
• USAF SBIR CS page: https://www.safcn.af.mil/CISO/Small-Business-Cybersecurity-Information
• The FBI Internet Crime Complaint Center (IC3) provides information about the latest and most harmful cyber threats and scams: https://www.ic3.gov

Feedback

All submissions are anonymous. Your feedback is important to us and will be taken into consideration for possible future improvements. Thank you for taking the time to share your feedback.