NIST framework for small business


NIST Framework for Small business

This very assumption is true that small business owners do think that they are too small to the cyber crime risk. But according to research there is the dramatic increase in cyber-attacks against the small business. In 2015 alone small enterprises suffer 43% as compare to medium or large size organizations.
Then why we don’t get much information about these attacks? The Answer; one is Large-corporations get most of the publicity when it comes to cyber-crime and second the amount of data is much less in small organizations compare to Large-corporation. The world Economic Forum classes cyber crime as a ‘top risk’. Many small businesses think that cyber security is too expensive or difficult to implement without knowing that they may have more to lose than a larger organization. NIST (National Institute of Standards and Technology) develop a framework for small business organizations that cater the problem small organizations are facing to implement security. According to NIST, The new NIST publication walks users through a simple risk assessment to understand their vulnerabilities.
The framework’s processes and tools provide key standards and best practices developed over decades by the federal government and industry. Its simple language allows organizations to better communicate, and its overall design helps them identify, assess and manage cyber security risks.

For example, the new framework describes how to:

• limit employee access to data and information;
• train employees about information security;
• create policy and procedures for information security;
• encrypt data;
• install web and email filters; and
• Patch, or update, operating systems and applications.
Other recommendations may require new equipment, and the framework can help businesses perform cost/benefit analyses.