Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

NISTIR 7621 Rev. 1 (DRAFT)

Small Business Information Security: the Fundamentals

Date Published: December 2014
Comments Due: February 9, 2015 (public comment period is CLOSED)
Email Questions to: smallbizsecurity@nist.gov

Withdrawn: November 03, 2016

Author(s)

Richard Kissel (NIST), Hyunjeong Moon (NIST)

Announcement

NIST, as a partner with the Small Business Administration and the Federal Bureau of Investigation in an information security awareness outreach to the small business community, developed this NISTIR as a reference guideline for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.

Abstract

Keywords

small business information security; cybersecurity fundamentals
Control Families

Access Control; Awareness and Training; Configuration Management; Contingency Planning; Identification and Authentication; Media Protection; Personnel Security; Physical and Environmental Protection; Planning; System and Communications Protection; System and Information Integrity; System and Services Acquisition;

Documentation

Publication:
Draft NISTIR 7621 Rev. 1

Supplemental Material:
None available

Topics

Security and Privacy
awareness training & education; planning

Applications
small & medium business