This section includes frequently asked questions about the NIST Small Business Cybersecurity Act and this website.
Why is NIST working to provide guidance for small and medium sized businesses?
NIST has been working on behalf of SMBs for many years together with the FBI and the Small Business Administration. More recently the NIST Small Business Cybersecurity Act, which became law on August 14, 2018, directed NIST to “disseminate clear and concise resources to help small business concerns identify, assess, manage, and reduce their cybersecurity risks.”
Why should SMBs care about cybersecurity?
Cybersecurity is vitally important to a business’ bottom line. Cybersecurity breaches cost businesses billions of dollars in lost revenue and loss of productivity every year. The impact on reputation and the loss of customers’ trust can cause long term damage to a small business.
Who can contribute resources to the Small Business Cybersecurity Corner Web site?
Currently, resources from government agencies and non-profit organizations that are publicly available on the Internet, accurate and comprehensive for a given type of cybersecurity risk or risk-reducing measure, and freely available for others to use meet the basic criteria for potential inclusion in the Small Business Cybersecurity Corner Web site. Pay-for resources associated with non-profit organizations also meet the basic criteria for inclusion in the Web site. If your resource qualifies and you would like it considered for listing, send a description of your resource to smallbizsecurity [at] nist.gov. To see all the contributors go to the Contributors Directory.
How can I share my thoughts for improvement of the Small Business Cybersecurity Corner with NIST?
We want your feedback! If you have ideas for how to improve the SMB Cybersecurity Corner to make it more useful to SMB owners please email us at: smallbizsecurity [at] nist.gov.