Resources for Small and Midsize Businesses (SMB)

Cyber Essentials

CISA’s Cyber Essentials is a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.

Cybersecurity Resources Road Map (A Guide for Critical Infrastructure SMBs)

The Cybersecurity Resources Road Map is a guide for identifying useful cybersecurity best practices and resources based on needs.

Note to cybersecurity trainers and small business advisors:

To professionally print the Cybersecurity Resources Road Map at a print shop (trifold brochure) for distribution to businesses at training events and workshops, use this print shop version of the Road Map and these printing instructions.

Stop.Think.Connect. Toolkit

The Stop.Think.Connect. TM campaign includes cybersecurity tips for SMBs.

Now Available: Small and Midsize Business Cybersecurity Survey

[OMB 1670-0038, Expiration Date: 7/31/2020]

An industry-government partnership is conducting a survey on cybersecurity issues in the small and mid-sized business (SMB) community, and would most welcome your organization’s participation.

The survey focuses on companies’ awareness and use of the Cybersecurity Framework (Framework), which was led by the National Institute of Standards and Technology.

The Information Technology Sector Coordinating Council and the Cybersecurity and Infrastructure Security Agency (CISA) are conducting this research to inform development of cybersecurity information to support SMBs.

The voluntary survey addresses companies’ familiarity with the Framework, their perceptions regarding potential barriers to using the Framework, their concerns related to cybersecurity, as well as how those concerns rank relative to other business priorities. It also seeks companies’ suggestions for strengthening the overall cybersecurity posture of SMBs.

The survey data will be collected and anonymized by ACT: The App Association. No confidential or identifiable data will be published or shared with CISA in any capacity. The survey is open for the entire SMB community to participate.

To access the survey, please click here or visit The survey should only take 30 minutes. Questions marked with an asterisk (*) are required. You can only take the survey once, but you can edit your responses until the survey is closed on December 20.

If you have any questions about the survey, please email the industry chair, Mr. Brian Scarpelli, at