The Cyber Readiness Institute (CRI) today announced the launch of the Cyber Readiness Program, backed by global enterprise leaders, to educate and equip small and medium-sized businesses (SMBs) with tools and resources to address four primary cybersecurity issues: authentication, phishing, patching, and USB use. The Program focuses on embedding basic cyber policies and processes into a company’s operating culture. The goal is to engage a company’s entire workforce, create a culture of cyber readiness, and build a more cyber secure and resilient organization. 

“The internet is an amazing thing that has opened new doors and new opportunities for all. At the same time, it does not have an inherent prioritization of security,” said Ajay Banga, president and CEO, Mastercard and co-chair, The Cyber Readiness Institute. “Since cyber threats treat everyone the same, there are some foundational steps we can take to strengthen all the links in today’s supply chain. And that starts with best practices and proven tools for smaller business owners who do not have the same resources to invest in these efforts. That’s where CRI comes in.” 

According to the Verizon 2018 Data Breach Investigations Report (DBIR), 58 percent of data breach victims globally are small businesses. On top of this, many SMBs report doing very little to protect themselves because they lack the required resources, capabilities, and knowledge to do so. 

The Cyber Readiness Program was developed with input from leading security experts at global companies, subject matter experts, and feedback from a pilot program of SMBs. The free, self-guided online program provides resources and tools—including policies, posters, and workforce education materials —that align with each step of the Program’s five-stage process. Companies are prompted to designate a Cyber Leader, who already works within their organization, to take ownership of the Program. 

For companies primarily interested in the policies and communications materials of the Program, an Awareness Kit is also available. 

Additional Quotes from Cyber Readiness Institute Co-Chairs: 

“Cyber threats show no prejudice when it comes to who is targeted, and more often than not, SMBs are becoming the victim of choice for adversaries. This program will not only educate individual businesses, but also ignite a more concerted effort to better secure our global economy by securing global value chains,” said Samuel J. Palmisano, retired president and CEO, IBM Corporation and current chairman, The Center for Global Enterprise

“Cybersecurity is one of the most critical issues today for all companies. For small and medium-sized businesses, an incident or breach can have devastating consequences. Helping SMBs better manage top cyber challenges not only helps individual companies, it fosters stronger resilience across business ecosystems,” said Tom Burt, CVP, Customer Security & Trust, Microsoft

“The Cyber Readiness Program helps raise awareness of cyber hygiene strategies for an organization through greater awareness and practical education of their workforce. It helps SMBs ensure that every employee understands his or her accountability for the cybersecurity of the organization,” said Penny Pritzker, former U.S. Secretary of Commerce and current chairman, PSP Partners

The Program has conducted a pilot with 19 small organizations from across the globe and of various sizes, from two to 750 employees, including Hartman Advisors, PSP Partners, International Business Associates Group for Money Transfer (IBAGMT), Nexion Health, Hartford County Public Library, HiViz, RH Capital and more. 

“The Cyber Readiness Program provides organizations with the tools necessary to evaluate and enhance their current information security footing,” said Ryan Rickels, IT Director, Harford County Public Library. “For organizations just wading into cybersecurity, the policy templates and training resources significantly cut down on the learning curve, enabling them to build a competent security program using tools they probably already own. For organizations, that are already practicing cybersecurity, the same toolkit provides an opportunity to review and formalize policies and procedures that have evolved over time.” 

"When we launched the Cyber Readiness Institute, we brought together senior leaders and cyber experts from our member companies – including Mastercard, Microsoft, Maersk, Citi, ExxonMobil – to inform the development of tools for small and medium-sized businesses,” said Kiersten Todt, managing director of CRI and former executive director of the Presidential Commission on Enhancing National Cybersecurity. “By accessing the resources and experiences of these global companies, whose success depends on their value chains, we have created a Program to help small and medium-sized businesses in these value chains become more cyber ready, cyber secure, and resilient." 

Organizations can also get involved with the Cyber Readiness Program by becoming a Cyber Readiness Champion to raise awareness within their networks through website, social media, and email promotion. The Cyber Readiness Institute is working with several Champion organizations including CTIA, CyberUSA, Global Automakers, Global Cyber Alliance, The Data Security Council of India (DSCI), the National Center for Manufacturing Sciences (NCMS), The Security Network Munich, Cyber Wyoming, Gener8tor, Ethisphere, the Center for Responsible Enterprise And Trade (CREATe.org), the Cybersecurity Collaborative and others. To learn more about how to become a Cyber Readiness Champion, please contact [email protected] 

To learn more about the Cyber Readiness Program, please visit https://www.cyberreadinessinstitute.org You can sign up for the Program directly by visiting: https://www.cyberreadinessinstitute.org/the-cyber-readiness-program