Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Quick Start Guides
This page contains small business quick start guides for some of NIST’s cybersecurity and privacy publications and frameworks. These resources are not intended to replace the larger publications or frameworks; they are intended to be introductory guides to help small organizations get started with the content. Want to see one that isn’t here yet? Let us know: smallbizsecurity [at] nist.gov (smallbizsecurity[at]nist[dot]gov).
NIST Cybersecurity Framework 2.0: Small Business
This guide provides small-to-medium sized businesses, specifically those who have modest or no cybersecurity plans in place, with considerations to kick-start their cybersecurity risk management strategy using the NIST Cybersecurity Framework (CSF) 2.0.
NIST Risk Management Framework Small Enterprise
This guide is designed to help small, under-resourced entities understand the value and core components of the NIST Risk Management Framework (RMF) and provide a starting point for designing and implementing an information security and privacy risk management program.
Getting Started with the NIST Privacy Framework: A Guide for Small and Medium Businesses
The NIST Privacy Framework is a voluntary tool that can help your organization create or improve a privacy program. Get started using the Privacy Framework by following a simple model of “Ready, Set, Go” phases, and align your business or agency with five privacy risk management areas: Identify, Govern, Control, Communicate, and Protect.