Skip to main content

Cookies on BBB.org

We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Cookie Preferences

Many websites use cookies or similar tools to store information on your browser or device. We use cookies on BBB websites to remember your preferences, improve website performance and enhance user experience, and to recommend content we believe will be most relevant to you. Most cookies collect anonymous information such as how users arrive at and use the website. Some cookies are necessary to allow the website to function properly, but you may choose to not allow other types of cookies below.

Necessary Cookies

What are necessary cookies?
These cookies are necessary for the site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you that amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not work. These cookies do not store any personally identifiable information.

Necessary cookies must always be enabled.

Functional Cookies

What are functional cookies?
These cookies enable the site to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.

Performance Cookies

What are performance cookies?
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Marketing Cookies

What are marketing cookies?
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant content on other sites. They do not store personal information directly, but are based on uniquely identifying your browser or device. If you do not allow these cookies, you will experience less targeted advertising.
      Country
          Country
          Latest News

          The 5-Step approach to cybersecurity

          By Better Business Bureau. December 1, 2021.

          Originally published in 2018.

          Cybersecurity for your business is not only about adding layers of security technology. It starts with understanding and managing your cybersecurity risks. The 5-Step Approach to Better Business Cybersecurity, based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, represents an approach that applies to the specifics of your business, helping you understand how best to identify and protect your business’s vital data and technology assets, and how to detect, respond to and recover from a cybersecurity incident.

          This training program is a collaboration between BBB and the National Cyber Security Alliance (NCSA). The goal of this approach is to empower SMB owners and principals to begin to assess what business assets need to be protected from cyber attacks and encourage them to make their business more resistant to cyber attacks or other incidents, and more resilient if an incident occurs.

          Step 1: Identify
          Take inventory of key technologies you use and know what information you need to rebuild your infrastructure from scratch. Inventory the key data you use and store and keep track of likely threats.

          Step 2: Protect
          Assess what protective measures you need to have in place to be as prepared as possible for a cyber incident. Put protective policies in place for technologies, data and users, and ensure that your contracts with cloud and other technology service providers include the same protections. 

          Step 3: Detect
          Put measures in place to alert you of current or imminent threats to system integrity, or loss or compromise of data. Train your users to identify and speedily report incidents.

          Step 4: Respond
          Make and practice an Incidence Response Plan to contain an attack or incident and maintain business operations in the short term.

          Step 5: Recover
          Know what to do to return to normal business operations after an incident. Protect sensitive data and your business reputation over the long term.

          Download the 5 Steps to Better Cybersecurity (PDF)

          The 5-step approach follows guidance from the “Framework for Improving Critical Infrastructure Cybersecurity” Version 1.0, National Institute of Standards and Technology, February 12, 2014.

          For additional resources see: https://stopthinkconnect.org/ and https://www.us-cert.gov/ccubedvp

          About The National Cyber Security Alliance
          The National Cyber Security Alliance (NCSA) is the nation's leading nonprofit public-private partnership promoting the safe and secure use of the Internet and digital privacy. NCSA leads initiatives for STOP. THINK. CONNECT., Data Privacy Day, and National Cyber Security Awareness Month. For more information on NCSA, please visit staysafeonline.org