Wondering what small and midsize businesses (SMBs) think about cybersecurity? Or maybe you work for a small or midsize business that would like to tell someone what you think. Here’s your chance. The Information Technology Sector Coordinating Council (IT SCC) and Department of Homeland Security (DHS) just released a voluntary survey about SMB cybersecurity practices – and they asked us to help get the word out.
The survey is a joint effort between industry and government to collect information about SMB cybersecurity and risk management practices. The survey asks about what sources SMBs use to learn about cybersecurity best practices; what asset and management practices SMBs have; and the cost of implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
What can you expect if you take the survey? The survey has two parts. Part one is for your company’s leadership and includes questions about the company’s functions and size. Part two is intended for the Chief Information Security Officer (CISO) or IT staff who can answer technical questions about your company’s IT security. The survey should take only 30 minutes.
What’s the point? Your feedback will help policy makers understand what your top cybersecurity concerns are and how cybersecurity ranks relative to other business priorities, as well as your insights and suggestions for strengthening your overall cybersecurity posture. Survey responses will be collected and anonymized. No confidential or identifiable data from SMBs will be published.
The survey is open to the entire SMB community. Small and midsize businesses are encouraged to respond to the survey in the next 30 days. So, step right up and take the survey now.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
- We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
- We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
- We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
- We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to ReportFraud.ftc.gov.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.