Cyber Readiness Institute Launches New Tools And Resources To Support Small And Medium-Sized Businesses


Free Cyber Readiness Program Helps Simplify Cybersecurity;
Easy-to-Implement Policies and Best Practices Can Make Organizations More Secure

New York, NY – The Cyber Readiness Institute (CRI) today launched new on-line tools and programs to help small and medium-sized businesses (SMBs) easily navigate the complexities of cybersecurity and make their organizations less vulnerable to cyberattacks.

Working with the world’s leading cybersecurity and supply chain experts, global enterprises, and thousands of small and medium-sized businesses, the not-for-profit Institute updated its signature Cyber Readiness Program to help companies of any size build stronger cultures of cyber awareness and compliance. Technical advice and support from Apple, ExxonMobil, General Motors, Mastercard, Microsoft, Center for Global Enterprise, and Principal Financial Group® help inform the Program’s new and revised components. These robust but easy-to-implement resources are available free-of-charge at

“Nearly half of all SMBs experienced some form of cyber attack in 2022, but very few have strong password policies or train their employees on cybersecurity preparedness,” said Karen Evans, managing director of the Institute. “Our updated Cyber Readiness Program makes cybersecurity best practices easier to understand and implement. The goal is to create a practical culture of cyber readiness in every organization by encouraging people to make small but meaningful changes in their on-line behavior.”

Program Offers Best Practices, Proven Policies, and a Focus on Business Continuity

CRI’s updated Cyber Readiness Program and companion Playbook are designed to inform and train an organization’s Cyber Leader on best practices including how to implement effective cyber policies, prioritize what assets are most important to protect, and develop business continuity plans that help businesses respond and recover should they be breached.

The Program provides short training videos and materials that Cyber Leaders can share with their colleagues to build awareness and gain commitment to best practices. Its seven quick and easy-to-navigate modules are built around the CRI’s “Core Four Policies”:

  • passwords+ (multi-factor authentication);
  • software updates;
  • phishing; and
  • secure sharing and storage.

Additional components of the Program include a comprehensive playbook offering counsel on everything from drafting cyber policies to prioritizing what to protect, and new metrics to help organizations best track their progress.

“As the owner and operator of a small primary care practice, I appreciate the thoughtfulness and insight that continues to inform the Cyber Readiness Program,” said Dr. Anjula Agrawal, chief executive officer of Washington, DC-based A Squared Primary Care. “Our expertise is in helping people lead healthier lives, not information technology, so access to trusted, prescriptive approaches to cybersecurity makes a huge difference for our business and our employees.”

About the Cyber Readiness Institute

Launched in 2018, the Cyber Readiness Institute is a non-profit initiative that convenes business leaders from across sectors and geographic regions to produce free cybersecurity tools for small and medium-sized businesses. Its mission is to advance the cyber readiness of these SMBs to improve the security of global supply chains. Its tools and resources focus on human behavior and emphasize employee education and awareness.

The Institute is housed within the Center for Global Enterprise, a New York-based non-profit applied research organization. CRI was co-founded by former IBM CEO Samuel J. Palmisano and executives from Mastercard, Microsoft, ExxonMobil, and PSP Partners as a follow-up to the work of the President’s Commission on Enhancing National Cybersecurity (2016). Member companies include Apple, ExxonMobil, Mastercard, Microsoft, and Principal Financial Group. ExxonMobil and PSP Partners are founding members that continue to support the objectives and programs of CRI.

For more information visit: or email


Leading Companies Comment on CRI’s Cyber Readiness Program


“We see tremendous value in small and medium-sized businesses applying the policies and best practices shared in the Cyber Readiness Program to strengthen their cyber resilience,” said Martha E. Miranda, manager of ExxonMobil’s Cyber Business Response Center of Excellence.


“Every business needs to establish and maintain a heightened state of cyber readiness as part of their business continuity planning,” said Ron Green, chief security officer at Mastercard. “The Cyber Readiness Program helps organizations of any size build stronger cultures of cyber awareness and compliance.”


“Strong cybersecurity isn’t a ‘nice-to-have’ or something that can be considered optional, regardless of your company’s size, industry, or market,” said Tom Burt, CVP, Customer Security & Trust at Microsoft. “It’s foundational to smart business practices, and increasingly required given the rapidly expanding regulatory focus on cyber in the U.S., the EU, Asia, and other markets.”

Principal Financial Group

“Improving the cyber readiness of small businesses is fundamental for all businesses in our increasingly interconnected world,” said Meg Anderson, Vice President, Chief Information Security Officer, Principal®. “CRI’s new Cyber Readiness Program adds important new features and makes it even easier for small businesses to use and adopt to create a culture of cyber readiness.”