Creating a Small Business Cybersecurity Program

The second edition uses version 8 of the CIS Controls®.

This book in the CISO Desk Reference Guides® small business series is targeted toward businesses with 25 to 500 employees and limited or no technology or security staff. It provides non-technical, practical, step-by-step instructions for small business owners who need to create a cybersecurity program. The methodology is appropriate for any industry sector and customizable for the size of the business.
Topics include:
- Incorporating a cybersecurity strategy with a business plan
- Incorporating cyber risk into a business risk management plan
- Selecting a cyber risk management methodology
- Introducing the cybersecurity program lifecycle
- Integrating privacy requirements into a cybersecurity program
- Ten simple steps to develop a cybersecurity program
- Next steps for getting started with implementing security measures
This book includes digital templates and checklists to assist the small business owner in conducting internal assessments and creating the necessary documents. Links to these online documents are given in an Appendix.