U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory

Small Business Cybersecurity Corner

About Us

Share

The vast majority of smaller businesses rely on information technology to run their businesses and to store, process, and transmit information. Protecting this information from unauthorized disclosure, modification, use, or deletion is essential for those companies  and their customers.

With limited resources and budgets, these companies need cybersecurity guidance, solutions, and training that is practical, actionable, and enables them to cost-effectively address and manage their cybersecurity risks. This NIST Small Business Cybersecurity Corner puts these key resources in one place.

Congress has given NIST responsibility to disseminate consistent, clear, concise, and actionable resources to small businesses. All resources are free and draw from information produced by federal agencies, including NIST and several primary contributors, as well non-profit organizations and several for-profit companies. These resources will be updated and expanded regularly.

NIST has been working on behalf of SMBs for many years together with the FBI and the Small Business Administration. More recently the NIST Small Business Cybersecurity Act, which became law on August 14, 2018, directed NIST to “disseminate clear and concise resources to help small business concerns identify, assess, manage, and reduce their cybersecurity risks.”

The website does not provide operational assistance to individual companies, but it does list federal agency and some non-profit contacts that can offer that assistance. Small businesses should immediately report any threats and incidents to the FBI’s Internet Crime Complaint Center (IC3).

Currently, resources from government agencies and non-profit organizations that are publicly available on the Internet, accurate and comprehensive for a given type of cybersecurity risk or risk-reducing measure, and freely available for others to use meet the basic criteria for potential inclusion in the Small Business Cybersecurity Corner Web site. To see all the contributors, go to the Contributors Directory.

Site Contributors 

This section includes information and links to our main contributors’ websites for small business cybersecurity.

Cyber Readiness Institute

Cybersecurity & Infrastructure Security Agency (CISA)

Cybercrime Support Network

Department of Homeland Security (DHS)

Federal Bureau of Investigation (FBI)

Federal Communications Commission (FCC)

Federal Trade Commission (FTC)

Global Cyber Alliance (GCA)

Health and Human Services (HHS)

Healthcare and Public Health Sector Coordinating Council (HSCC)

Manufacturing Extension Partnership (MEP)

National Cybersecurity Alliance

National Initiative for Cybersecurity Education (NICE)

Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR)

U.S. Air Force CISO

U.S. Small Business Administration (SBA)

U.S. Department of Defense Office of Small Business Programs (OSBP)

U.S. Department of Justice (DOJ)

Created August 24, 2020, Updated January 2, 2024