The recent pandemic has many seeking the outdoors, where we can all learn lessons from any environment. The saguaro cactus is a symbol of strength and perseverance within the harshest elements, just like the sole information security professional in a small / medium business. One must be willing to stand tall and put their experience on the line to help the business to not just know better, but to do better. This can be challenging in an SMB environment where the threats are not always obvious and there may not be clear regulatory requirements. We will share proven methods to encourage strong security practices in an SMB world without getting prickly.
Introduce security standards based on the NIST Cyber Security Framework that make sense for small and medium businesses.
Identify opportunities to encourage strong security practices and introduce them to the SMB even when they may not be required by regulations.
Leverage free materials to provide information security training that helps employees and their families in addition to the business. Security information that applies to both personal and professional life is the most likely to be used and remembered.