We've published the final NISTIR 8374, Ransomware Risk Management: A Cybersecurity Framework Profile and the Quick Start Guide: Getting Started with Cybersecurity Risk Management | Ransomware.
From CISA.gov: The StopRansomware.gov webpage is an interagency resource that provides partners and stakeholders with ransomware protection, detection, and response guidance that they can use on a single website. This includes ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners.
Small businesses may struggle knowing how to implement the Cybersecurity Framework. To help meet this need, NIST developed this quick start guide. The guide provides cybersecurity activities for each Function of the Framework that may be good starting points for small businesses.
Free cybersecurity training for Small Businesses from non-profits Global Cyber Alliance and Cyber Readiness Institute.
NIST has heard consistently that small and medium businesses would benefit from dedicated resources aimed at facilitating Privacy Framework implementation. To help meet this need, NIST developed this quick start guide. Although nominally for small and medium businesses, this guide is intended to help any organization get a risk-based privacy program off the ground or improve an existing one.
Need help with keeping your resources safe while teleworking? See our blogs on Telework Security Basics, Preventing Eavesdropping and Protecting Privacy on Virtual Meetings, Tips for Securing Conference Calls or our Telework Security Overview & Tip Guide.
Content outlined on the Small Business Cybersecurity Corner webpages contains documents and resources from our contributors. These resources were identified by our contributors as information they deemed most relevant and timely—and were chosen based on the current needs of the small business community. Certain commercial entities may be identified in this Web site or linked Web sites. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.
If your resource is publicly available on the Internet, accurate and comprehensive for a given type of cybersecurity risk or risk-reducing measure, and freely available for others to use, it meets the basic criteria for potential inclusion in the Small Business Cybersecurity Corner website. That includes resources from government agencies and nonprofit organizations. If your resource qualifies and you would like it considered for listing, send a description of your resource to smallbizsecurity [at] nist.gov.