Small & midsize business (SMB) decision-makers often face uncertainties when it comes cyber-security and risk management practices for their organization.
Fortunately, the National Institute of Science and Technology (NIST) has created a strong structure that is free to use and provides direction for cyber-security and IT risk management planning. It’s called the NIST Cybersecurity Framework, and has five areas of focus: Identify, Protect, Detect, Respond, Recover.
While no plan is perfect, using these areas as a basis is a good start.