Cybersecurity Resources for Small Businesses
Major update for our startup and small business community! The DOE SBIR/STTR programs are now managed by the DOE Office of Technology Commercialization (OTC) to streamline program administration and support technology commercialization. Please get started on your SBIR/STTR journey by visiting the Office of Technology Commercialization Website.
The SBIR/STTR Cybersecurity Due Diligence program is aligned to the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) Risk Management Framework. Both organizations offer valuable tools, guidelines and Cybersecurity (CS) best practices to assist small businesses to implement and maintain robust CS best practices. Additional CS resources are available as well. Below is a brief description of each publication, along with a link [to the publication]:
NIST and CISA Publications/Links:
- NIST has a useful publication that discusses the Fundamentals of Small Business Information Security: https://www.nist.gov/publications/fundamentals-small-business-information-security
- CISA has an excellent Cyber essentials guide aimed at small businesses: https://www.cisa.gov/resources-tools/resources/cyber-essentials
- CISA Services Overview
- NIST Framework for Improving Critical Infrastructure Cybersecurity
- NIST Small Business Information Security: The Fundamentals
- NIST Cybersecurity Framework Small Business Quick Start Guide
Additional Resources:
- The Global Cybersecurity Alliance (GCA) provides free and effective tools that small business can use to take action to reduce cyber risk: https://gcatoolkit.org
- The main Federal SBIR website, https://www.sbir.gov offers a lot of information and training
- The Federal Trade Commission has a good reference page dedicated to small businesses and CS https://www.ftc.gov/business-guidance/small-businesses/cybersecurity
- USAF SBIR CS page: https://www.safcn.af.mil/CISO/Small-Business-Cybersecurity-Information
- The FBI Internet Crime Complaint Center (IC3) provides information about the latest and most harmful cyber threats and scams: https://www.ic3.gov
Feedback
All submissions are anonymous. Your feedback is important to us and will be taken into consideration for possible future improvements. Thank you for taking the time to share your feedback.
