Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Small Business Information Security: the Fundamentals

Published

Author(s)

Richard L. Kissel

Abstract

[Superseded by NISTIR 7621 Rev. 1 (November 2016): https://www.nist.gov/node/1111801 ] For some small businesses, the security of their information, systems, and networks might not be a high priority, but for their customers, employees, and trading partners it is very important. The term Small Enterprise (or Small Organization) is sometimes used for this same category of business or organization. A small enterprise/organization may also be a nonprofit organization. The size of a small business varies by type of business, but typically is a business or organization with up to 500 employees. In the United States, the number of small businesses totals to over 95% of all businesses. The small business community produces around 50% of our nation s Gross National Product (GNP) and creates around 50% of all new jobs in our country. Small businesses, therefore, are a very important part of our nation s economy. They are a significant part of our nation s critical economic and cyber infrastructure. Larger businesses in the United States have been actively pursuing information security with significant resources including technology, people, and budgets for some years now. As a result, they have become a much more difficult target for hackers and cyber criminals. Consequently, the hackers and cyber criminals are now focusing their unwanted attention on less secure small businesses. Therefore, it is important that each small business appropriately secure their information, systems, and networks. This Interagency Report (IR) will assist small business management to understand how to provide basic security for their information, systems, and networks.
Citation
NIST Interagency/Internal Report (NISTIR) - 7621
Report Number
7621

Keywords

information security, small business
Created October 1, 2009, Updated November 10, 2018