Resources
Practical references and starting points. These are authoritative, free, and not affiliated with any vendor.
Five things to do this month
1. Enforce MFA everywhere
Multi-factor authentication is the single highest-ROI control for most small businesses. Start with email and admin accounts. Use your existing platform (Microsoft or Google) before buying additional tools.
2. Adopt a team password manager
Password reuse is a leading breach vector. A team password manager creates shared vaults, enforces unique credentials, and makes onboarding and offboarding cleaner. Bitwarden Teams is under $4/user/month.
3. Test your backups
Having a backup is not enough. Untested backups fail when you need them. Schedule a quarterly restore test of at least one critical system or dataset.
4. Review who has admin access
Accounts that do not require admin privileges should not have them. Global admin accounts in Microsoft 365 should be separate, dedicated accounts, not the email accounts people use daily.
5. Enable DNS filtering
Cloudflare Gateway is free for basic DNS filtering. It blocks known malicious domains and phishing infrastructure before users can reach them. Deploy it on company devices and your office network.
Authoritative references
CISA Small Business Cybersecurity Corner
cisa.gov
Free, plain-language resources from the Cybersecurity and Infrastructure Security Agency. Includes the Cyber Essentials guide specifically for small businesses.
NIST Cybersecurity Framework (CSF 2.0)
nist.gov
The national standard for cybersecurity risk management. CSF 2.0 includes a new Govern function and is more accessible than previous versions. Useful for understanding what control categories actually cover.
CIS Controls v8
cisecurity.org
18 prioritized controls that cover the majority of attack surface. Implementation Groups 1 and 2 are practical starting points for small businesses. More actionable than NIST for initial implementation.
FTC Cybersecurity for Small Business
ftc.gov
Federal Trade Commission guidance specifically written for small businesses. Plain language, legally grounded, and includes sector-specific guidance.
Not sure where your biggest gaps are?
The Stack Finder asks about your current tools and environment, then produces a risk-ranked recommendation with cost estimates. Free, no login required.