Recently, I was presenting to a risk management forum at a banking association on cybersecurity and the question came up as to whether my company helps small businesses become more secure. When I explained that we work exclusively with financial institutions the reply I received was “well, then what direction do we point them in?”
I gave a generic answer, stating that there are many small business frameworks out there that can be used like NIST CSF. While it sidestepped the answer for the time being, I had this twinge of dissatisfaction in the back of my mind that this really wasn’t providing the value that I could in this situation. When it comes to small businesses, most frameworks are over way too complicated, for them to be successful, we’ve got to simplify.
After the forum, a discussion with a friend of mine on a cyber risk they were concerned about reminded me of a checklist that I had developed for them and another service provider of ours several years ago. I dusted it off, made some edits and the 1-Page Cybersecurity Checklist for Small Businesses was born!
The idea here is that small businesses face the challenges of cyber threats just like anyone else, but they need to get the biggest bang for their buck when it comes to cyber controls. They don’t know where to get started, so they naturally turn to someone that they trust and that is synonymous with SECURITY: their bank. And for the financial intuition, the more secure your customers are, the more secure you are.
So, we are making this available to anyone who wants to download it (See the form at the bottom) and share it with their small businesses to use as a starting point. Feel free to share by printing as handouts for new business accounts or commercial loans. Include it as a statement stuffer for your business checking accounts. Or share it in your next digital newsletter.
If you want it branded to your financial institution, let us know and we’ll be glad to work with you to make it happen.
As it says, this is a good starting point, but it may have to grow as the business matures. It is NOT intended for any businesses with direct regulatory requirements such as HIPAA, FTC GLBA, CMMC, GDPR, CCPA, NYCRR 500, etc.
Like always, we want to provide as much value as possible here, so feel free to send us any feedback on how we can do more to help you and your customers by emailing support@bedelsecurity.com.