{"id":3185,"date":"2019-05-15T11:12:21","date_gmt":"2019-05-15T17:12:21","guid":{"rendered":"https:\/\/www.kraftgrp.com\/?p=3185"},"modified":"2019-05-15T11:12:21","modified_gmt":"2019-05-15T17:12:21","slug":"nists-small-business-cybersecurity-corner","status":"publish","type":"post","link":"https:\/\/www.kraftgrp.com\/nists-small-business-cybersecurity-corner\/","title":{"rendered":"NIST’s Small Business Cybersecurity Corner"},"content":{"rendered":"

Cybersecurity is complicated and small businesses have a hard time keeping up with it. They can’t afford the big staff and army of specialists which a large enterprise can hire. The National Institute of Standards and Technology (NIST) is well aware of this problem. That’s why it has set up the Small Business Cybersecurity Corner<\/a>.<\/p>\n

Browsing the site and bookmarking the most relevant articles can be a major help to managers trying to understand security procedures. Most of the material are links to third-party sites, focusing on basic issues. The site is oriented toward managers and IT generalists, not security specialists.<\/p>\n

\"Young<\/h3>\n

The creation of the Corner<\/strong><\/h3>\n

On August 14, 2018, President Trump signed Senate Bill 770, the NIST Small Business Cybersecurity Act<\/a>. The authors of the act were Senators Brian Schatz and James Risch. It directed NIST to provide “resources to help small business concerns identify, assess, manage, and reduce their cybersecurity risks.” NIST complied by setting up the Cybersecurity Corner on the Web.<\/p>\n

Sen Schatz said that “while big businesses have the resources to protect themselves, small businesses do not, and that’s exactly what makes them an easy target for hackers.” Smaller organizations, by their nature, have limited resources and expertise outside their specialty. Their small size doesn’t save them from being targets, though.<\/p>\n

Indeed, small business data networks are favorite targets of online criminals. Many of them are poorly protected, so it’s much easier to penetrate them than to get past a major corporation’s defenses. Even if they don’t have a great wealth of confidential data, they’re useful as jumping-off points. Criminals can install malware in machines that makes them part of “botnets.” A botnet of thousands or millions of machines can send out mountains of spam or launch massive attacks on bigger targets. A compromised site runs less efficiently and is more likely to crash as thieves siphon off its resources. Internet blacklists will mark it as a dangerous site, browsers will warn users against it, and filters will block its mail.<\/p>\n

Every network which connects to the Internet is a constant target of probing. There’s no such thing as “too small to bother with.” Just as phone scammers dial one number after another, online attackers try every address on the Internet to see if there’s a weakness.<\/p>\n

The damage an online attack can do to a small business is proportionately worse than to a large business. Smaller organizations have fewer reserves and can be pushed more quickly to the point of collapse. Small businesses account for 99.7% of the employers in the US, so their role in Internet safety is significant. The Small Business Cybersecurity Corner helps them to find the resources they need to reduce their risk.<\/p>\n

The contributors<\/strong><\/h3>\n

Most of the site’s content are links to articles on aspects of business cybersecurity. These articles are found on the sites of the partners that have joined in the creation of the Cybersecurity Corner. The following contributors are listed:<\/p>\n