Small Businesses Are a Big Priority for NIST

In my spare time, I have been casually researching my family genealogy, and like many of us, I’ve discovered I come from a long line of small business owners: dry goods sales, pharmacists, building material inventors, grain merchants. It’s no wonder I am so intrigued by the incredible range of work we do here at NIST to guide the nation’s business activities with useful standards and research. Visitors to our campuses in Gaithersburg, MD and Boulder, CO, would enjoy the campus museum displays with artifacts related to varied research topics. Some of my favorites include peanut butter viscosity standards, building material research, atomic time keeping, and good old standardized weights and measures. These materials touch every citizen and influence every business owner. Small businesses are an important community of interest for our researchers, and it is crucial that NIST continue to find ways to support them. For instance, keeping America’s small businesses safe from cybersecurity threats is of paramount importance to NIST.

NIST has many helpful resources for small businesses like the popular NIST Cybersecurity Framework, our relaunched website, the Small Business Cybersecurity Corner, just for the small business community. The site features a range of NIST products to address small business cybersecurity concerns and links to curated materials from other federal agencies. We routinely partner with colleagues at the U.S. Small Business Administration, Federal Trade Commission, Federal Bureau of Investigation and Department of Homeland Security (to name a few) to ensure our articles, research, and best practice guidance addresses your greatest cybersecurity concerns. We update the site regularly; in fact, one recent addition addressed the need for safe telework tips. You can reach out to us for more information about any small business topic or question: smallbizsecurity [at] nist.gov (smallbizsecurity[at]nist[dot]gov).

Small and medium-sized manufacturers can be greatly affected by a cyber attack. Criminals are actively seeking out vulnerabilities in smaller manufacturing firms, which typically don’t have large cybersecurity budgets. NIST’s Manufacturing Extension Partnership (MEP) has many cybersecurity resources available for manufacturers, including industry-specific guidance, solutions, and training that is practical, actionable, cost-effective, and helps manage cybersecurity risks. Your local MEP Center has more information to help protect your small manufacturing business.

One of the top requests received from small business owners was for educational materials to help them and their employees on a variety of complex cybersecurity topics. The presentation  “Cybersecurity Fundamentals” was developed with input from small businesses to provide this baseline training. It would be a good idea to review the presentation and consider what topics are most crucial to your team. Perhaps you are concerned about the security of your customer data. The NIST Cybersecurity Fundamentals presentation gives you a step-by-step method for creating a plan to keep customer data and all-important assets of your business protected against threats. Using the NIST Cybersecurity Framework might feel daunting, but it can provide an easy-to-use and navigable path that can help you and your employees better understand what to work on first and what to work on later.

Another request was to explain to people throughout an organization, regardless of their job function, their role in managing cybersecurity risks. That query resulted in a great community resource from the National Initiative for Cybersecurity Education (NICE)’s public working group titled, “Cybersecurity is Everyone’s Job”, a simplified guide with one-page handouts for a wide variety of employee areas. As an example, if you want to explain to your marketing team how their work could be compromised from a cybersecurity point of view and the best practices they should follow, this guidebook has it!

We hope you will download some of the small business cybersecurity education materials on our Small Business Cybersecurity Corner, review with your team, and please give us feedback.