U.S. Flag Official website of the Department of Homeland Security

Resources for Small and Midsize Businesses (SMB)

Cybersecurity is critical to any business enterprise, no matter how small.  However, leaders of small and midsize businesses (SMB) often do not know where to begin, given the scope and complexity of the issue in the face of a small staff and limited resources.

To help business leaders get started, DHS has provided a list of top resources specially designed to help SMBs recognize and address their cybersecurity risks.

C³ Voluntary Program SMB Toolkit

This packet contains resources specially designed to help SMBs recognize and address their cybersecurity risks.  Resources include talking points for CEOs, steps to start evaluating your cybersecurity program, and a list of hands-on resources available to SMB.  

  1. Toolkit for Small and Midsize Businesses (SMB) Table of Contents
  2. Begin the Conversation: Understanding the Threat Environment
  3. Getting Started: Top Resources for SMB
  4. Cybersecurity for Startups
  5. C³ Voluntary Program Outreach and Messaging Kit
  6. SMB Leadership Agenda
  7. Hands-On Resource Guide

Stop.Think.Connect. Toolkit

The Stop.Think.Connect.™ campaign has an online Toolkit that includes information specific to SMBs. The Toolkit can be found at http://www.dhs.gov/stopthinkconnect-toolkit or www.stcguide.com.

Small Business Administration (SBA) Training

This 30 minute, self-paced training exercise provides an introduction to securing information in small businesses.  For more information, please visit: https://www.sba.gov/tools/sba-learning-center/training/cybersecurity-small-businesses.

Federal Small Biz Cyber Planner

This tool helps businesses create custom cybersecurity plans. The Small Biz Cyber Planner includes information on cyber insurance, advanced spyware, and how to install protective software.  For more information, please visit http://www.fcc.gov/cyberplanner.

Small Business, Big Threat

This online assessment tool, developed by the Michigan Small Business Development Center (SBDC), assists small and medium businesses in evaluating the cyber risks they face. At the conclusion of the 30 minute assessment, participants receive a risk assessment report and can choose from a variety of resources to engage with, including in-depth trainings, webinars, best practices, and industry articles on small business cyber security. Learn more and take the assessment at www.smallbusinessbigthreat.com.

Internet Essentials for Business 2.0

This guide for business owners, managers, and employees focuses on identifying common online risks, best practices for securing networks and information, and what to do when a cyber incident occurs. For more information, please visit: https://www.uschamber.com/internet-security-essentials-business-20.

White Paper: Every Small Business Should Use the NIST Cybersecurity Framework

This white paper from eManagement can help SMBs understand and use the National Institute of Standards and Technology (NIST) Cybersecurity Framework.  It provides cybersecurity tips for SMBs aligned to the Framework’s core functions: Identify, Protect, Detect, Respond, and Recover. The white paper can be found here.

Geographically Specific Resources

This collection of cyber resources from various levels of government can help small and midsize businesses recognize and address their cyber risks.  Access geographically-specific resources here.

Back to Top

Back to Top