Assessing your company’s cybersecurity risks and implementing controls to protect your business’s data doesn’t have to be overwhelming and scary. There are steps that any small manufacturing company should take to ensure their data is secure.
This resource is for small manufacturers to quickly and cost effectively address cybersecurity threats. These simple, low cost steps are based on the official NIST guidance from the Cybersecurity Framework and have been tailored to meet the needs of small companies so they can identify, assess and manage cybersecurity risks.
SMMs often have more to lose than larger manufacturers because a cyber event — whether due to a hacker, natural disaster or business resource loss — can have a major impact. SMMs are often less prepared to handle these types of events. But because SMMs often have less complex operational needs and IT infrastructure, they may be able to take steps to detect and recover from a cybersecurity incident quickly. It is vitally important that you consider how to protect your business before an incident occurs. View and download the Manufacturers Guide to Cybersecurity for Small and Medium-Sized Manufacturers.
The NIST MEP Cybersecurity Assessment Tool allows U.S. small manufacturers to self-evaluate the level of cyber risk to their business. The assessment is based on the National Institute of Standards and Technology’s (NIST) Cyber Security Framework. This tool is to be used only for guidance and does not imply approval by NIST MEP and cannot be used to demonstrate compliance.
The NIST Interagency Report (NISTIR) provides guidance on how small businesses can provide basic security for their information, systems, and networks. This NISTIR uses the Framework for Improving Critical Infrastructure Cybersecurity as a template for organizing cybersecurity risk management processes and procedures. Although the Cybersecurity Framework, created through collaboration between government and the private sector, was originally developed specifically for critical infrastructure organizations, it has proven useful to a variety of audiences and is used in this publication to organize information and cybersecurity best practices in an accepted and logical format.
The vast majority of smaller businesses rely on information technology to run their businesses and to store, process, and transmit information. Protecting this information from unauthorized disclosure, modification, use, or deletion is essential for those companies and their customers.
With limited resources and budgets, these companies need cybersecurity guidance, solutions, and training that is practical, actionable, and enables them to cost-effectively address and manage their cybersecurity risks. The NIST Small Business Cybersecurity Corner puts these key resources in one place.