The National Institute of Standards and Technology (NIST) Cybersecurity Framework provides a way to review and understand your current cybersecurity posture and become more resilient in protecting your business.. Use this Small Business QuickStart guide to get started.

Phishing is the use of convincing emails or other messages to trick us into opening harmful links or downloading malicious software. These messages are often disguised as a trusted source, such as your bank, credit card company, or even a leader within your own business. See the NIST Phishing Overview for more information.

Here is a Google Worksheet to help you get started in identifying critical business assets and associated risks. You can make a copy of the sheet with this link: https://docs.google.com/spreadsheets/d/1qiatEpiMjVM_aI8ADyjEDp3zhIxqK8BCtJpoMoAyWFE/copy?gid=233746988#gid=233746988

NIST Cybersecurity Framework (CSF) maturity assessment Google worksheet. This maturity assessment template helps you evaluate the cybersecurity posture of your business against the NIST CSF. It provides a structured approach to assess current capabilities, identify gaps, and prioritize improvements. The template, in the form of a Google sheet, guide you through the CSF's core functions (Identify, Protect, Detect, Respond, Recover, and Govern) and the associated categories and subcategories.

You can make a copy of the sheet with this link: https://docs.google.com/spreadsheets/d/15jTCGIBC5Hmqm8DVWKCcwcD3FQLmDhc1q4U_hEvSmbg/copy?usp=sharing