Cybersecurity Tools for Small Businesses Conducting a risk assessment lets small businesses identify potential vulnerabilities and improvements to increase their cybersecurity. Businesses without their own IT staff can use risk assessment resources from the U.S. Department of Homeland Security, including a cyber resilience review and cyber hygiene vulnerability scanning. The NIST Cybersecurity Framework gives cybersecurity best practices, standards and guidelines for businesses. Following the voluntary framework can help businesses understand their cybersecurity risk and decide where to the focus their cybersecurity time and budget. The framework is produced by the National Institute of Standards and Technology within the U.S. Department of Commerce. The NIST Small Business Cybersecurity Corner offers more guidance, solutions and training for small businesses. To start implementing cybersecurity practices in their organization, small businesses can follow the guide, road map and toolkit provided by the U.S. Cybersecurity and Infrastructure Agency. Small businesses can get tips, watch videos and take quizzes to learn about cybersecurity basics and ways to protect their networks and data from the Federal Trade Commission. Businesses can report security breaches to the North Carolina Department of Justice. The NCDOJ also shares tips for businesses to prevent identity theft. About this Page This page is based on information from the U.S. Federal Communications Commission, Small Business Administration, National Institute of Standards and Technology and Cybersecurity Infrastructure and Security Agency.