A 2012 Small Business Administration survey in the United States found that 99.7% of U.S. employer firms were small businesses. The sheer number of controls contained within existing information security standards and regulations can be daunting for large, multinational corporations. Expecting small and medium businesses to comply with those same standards and regulations is unrealistic.
The goal of the Common Sense Security Framework (CSSF) is to help business owners identify those fundamental controls they need to have in place in order to protect the systems and applications on which their business relies.
The CSSF identifies seven (7) areas that require protection, along with three (3) of the most effective, useful controls in each area. The end results is a list of twenty-one (21) questions that every business owner needs to answer in order to have a fundamental understanding of whether or not his or her business is exposed.
I think it could be a great resource for banks and credit unions to share with small business owners and commercial cash management customers as a resource for practical cyber-hygiene.
To read the full article, click here:
https://www.helpnetsecurity.com/2017/06/05/common-sense-security-framework/?es_p=4346450