What is the “NIST Act to Benefit Small Business”?

The “NIST Small Business Cybersecurity Act” S.770 was signed this month.  What is it, and how can it benefit you or your small business clients?

The National Institute of Standards & Technology (NIST) initially developed a set of cybersecurity standards called the NIST Cyber Security Framework (CSF) for government agencies to use.  The NIST CSF was made available for public use, and US compliance regulations such as PCI and HIPAA are based on the NIST CSF.  The goal of the new bill is to consider the needs specific to SMBs in future standards, and to raise awareness of the NIST framework with small businesses who are being heavily affected by cyber threats.  By proactively adopting the NIST CSF, SMBs can greatly reduce their cyber risks.

How can you take advantage of the framework if you don’t have cybersecurity expertise on staff?  That’s where we come in.  Our consultants have helped clients of all sizes assess their current risk level, remediate gaps, and align with an appropriate framework.  Let’s talk about how we can help you.