Abstract
Small businesses are a unique class of organization with challenging cyber security problems that are frequently overlooked. These firms are being increasingly targeted for cyber-attack. These firms are particularly vulnerable to cyber-attack due to the often-valuable information they handle coupled with overworked and undertrained IT support. The University of Alabama in Huntsville is conducting an on-going survey of the cyber security practices of small businesses seeking to implement the NIST SP 800-171 cyber security standard. The data gathered indicates that small businesses in this field are likely to engage in poor security practices arising from common cyber security misconceptions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
National Institute of Standards and Technology: NIST Special Publication 800-171 Revision 1: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r1.pdf. Accessed 27 Feb 2019
National Institute of Standards and Technology: NIST Handbook 162: NIST MEP Cybersecurity Self-assessment Handbook For Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements. https://nvlpubs.nist.gov/nistpubs/hb/2017/nist.hb.162.pdf. Accessed 27 Feb 2019
National Institute of Standards and Technology: DFARS Cybersecurity Requirements. https://www.nist.gov/mep/cybersecurity-resources-manufacturers/dfars800-171-compliance. Accessed 27 Feb 2019
US Department of Defense: Defense Federal Acquisition Supplement, 252.204-7012. https://www.acq.osd.mil/dpap/dars/dfars/html/current/252204.htm#252.204-7012. Accessed 3 Mar 2019
Educause Review: CUI Requirements in Federal Contracts Aren’t FAR Away. https://er.educause.edu/blogs/2018/5/cui-requirements-in-federal-contracts-arent-far-away. Accessed 3 Mar 2019
PCI Security Standards Council: Payment Card Industry (PCI) Data Security Standard Version 3.2.1. https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf?agreement=true&time=1553228375592. Accessed 3 Mar 2019
Rosenburg, J.: Vulnerable to attack: businesses should boost cyber defenses. https://www.fifthdomain.com/industry/2019/03/13/vulnerable-to-attack-businesses-should-boost-cyber-defenses. Accessed 21 Mar 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Imsand, E., Tucker, B., Paxton, J., Graves, S. (2020). A Survey of Cyber Security Practices in Small Businesses. In: Choo, KK., Morris, T., Peterson, G. (eds) National Cyber Summit (NCS) Research Track. NCS 2019. Advances in Intelligent Systems and Computing, vol 1055. Springer, Cham. https://doi.org/10.1007/978-3-030-31239-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-31239-8_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-31238-1
Online ISBN: 978-3-030-31239-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)