NIST Small Business Cybersecurity Act is signed into law

On Tuesday August 14, 2018, President Donald Trump signed the NIST Small Business Cybersecurity Act (S. 770) into law. The Act requires NIST (National Institute of Standards and Technology) to help small businesses by providing resources for their cybersecurity strategy.


The Act mandates NIST to produce and distribute cybersecurity resources that are adapted to the specific needs of small businesses. The resources must:

  • Be applicable to a wide range of small businesses, varying in sector and function
  • Promote cybersecurity awareness in the work environment
  • Include strategies for implementing the cybersecurity measures
  • Be compatible with a range of technologies small businesses typically use
  • Work with commercial off-the-shelf solutions
  • Be feasibly consistent with international standards and the Stevenson-Wydler Technology Innovation Act of 1980

NIST CSF and small businesses

The NIST CSF (Cybersecurity Framework) is a voluntary framework primarily intended for critical infrastructure organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices. At the moment, the CSF is largely ignored by small businesses.

Many small businesses fail to recognize that they are vulnerable, incorrectly believing that cyber criminals won’t target them. This is disproved by the increasing number of cyber attacks. In fact, small businesses are often more vulnerable than larger organizations, since they don’t have the resources to put strong cybersecurity practices in place. As a result, many are unprepared, and may struggle to recover from successful cyber attacks.

No organization is immune to cyber crime

It is crucial for all organizations, no matter size or industry, to protect themselves from the potentially devastating impact of a cyber attack. Having a solid cybersecurity strategy in place not only helps protect your organization, but also helps keep your business running in the event of a successful cyber attack.

NIST CSF pocket guide


Our essential NIST Cybersecurity Framework pocket guide will help you gain a clear understanding of the CSF. Pre-order NIST Cybersecurity Framework – A Pocket Guide now to save 10%!





Want to learn more about the NIST Cybersecurity Framework? Download our free green paper to find out more about the CSF.

Take our NIST Survey and get 15% off any product

Click here to get 15% off >>


Are you #BreachReady?

To help your organization become #BreachReady this summer, IT Governance USA is offering up to 20% off all sorts of solutions to prevent or mitigate the effect of data breaches.

Find out more >>

Are you #BreachReady?