Cybersecurity Basics

Cybersecurity is a continuous process. Because your business, technologies, regulations/laws, and cybersecurity threats continue to change, your goal should be to always strive for continuous improvement in your cybersecurity risk management.

There are many ways you can improve your business’ cybersecurity. Here are a few basic steps to get you started:

• Understand that cyber threats are a business risk, and having strong cybersecurity is a competitive advantage.
• Require employees to enable multi-factor authentication (MFA), particularly phishing-resistant MFA, on all accounts that offer it.
• Require strong passwords and consider using a password manager.
• Change default manufacturer passwords to ones that are unique to you.
• Install and maintain updated antivirus software.
• Update and patch all software when new versions are available.
• Learn how to protect your business from phishing.
• Train employees on basic cybersecurity hygiene.

Additional Resources:

Cybersecurity Framework Quick Start Guide - Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide provides activities for each Function of the Cybersecurity Framework that may be good starting points for small businesses. 

Cybersecurity Essentials Toolkit - The Cyber Essentials Toolkit is a set of modules designed to break down the CISA Cyber Essentials into bite-sized actions for IT and C-suite leadership to work toward full implementation of each Cyber Essential. 
Cybersecurity and Infrastructure Security Agency

Questions Every CEO Should Ask About Cyber Risks – a guide for CEOs on how to discuss cybersecurity risk management topics with their leadership and implement cybersecurity best practices
Department of Homeland Security