Cyber Readiness Institute Releases Free Cyber Readiness Starter Kit to Help Small Businesses Protect Against Most Common Attacks

Washington, DC, September 30, 2019 – Protecting customers, partners and employees from cyber attacks is a daunting challenge for small business owners. Today, the Cyber Readiness Institute (CRI) released a new Cyber Readiness Starter Kit designed to demystify cybersecurity and provide easy to use tools and policies to reduce the risk of the most common cyber vulnerabilities.

“Too often, cybersecurity has been communicated in ways that are too complex and technical, and require too many resources for small business owners and leaders,” said Kiersten Todt, managing director of CRI. “The CRI Starter Kit provides easy to implement policies and tools that can be deployed to provide small businesses with effective approaches to address the most common tactics used by cyber criminals. The Starter Kit provides small business owners with prescriptive solutions to their most impactful cyber problems.”

Small businesses have long been easy targets for cyber criminals. But, we do know that focusing on four key attack vectors will greatly minimize risk. More than 60% of data breaches are a result of weak or stolen passwords, 91% of all attacks start with a phishing email, 27 percent of malware infections are introduced via a corrupted USB and 77% of attacks in 2017 could have been prevented if software was up-to-date.

The Starter Kit includes employee education programs about using secure passwords, updating software with the latest patches and managing the use of USB memory sticks. In addition, CRI provides a simple guide to help managers start the conversation with team members about cyber risks, protections and good practices; a quiz that office members can use to see how well they understand their security situation; and posters that can be used in offices to remind team members of critical lessons learned to help secure their digital possessions.

“Organizations of all sizes need to take action to understand and manage their cyber risk,” said Tom Burt, Corporate Vice President of Customer Security and Trust at Microsoft. “The CRI Starter Kit is tailored to help small businesses get on track and recognize positive impacts immediately, addressing high priority issues and building towards more comprehensive risk management programs.”

The Cyber Readiness Starter Kit is a great place to find basic guidance about cyber issues and risk. But some organizations need a more robust approach. CRI also offers the Cyber Readiness Program to provide greater cyber protections. The Cyber Readiness Program was developed with input from leading security experts at global companies, subject matter experts, and feedback from a pilot program of small businesses. The free, self-guided online program provides resources and tools—including policies, posters, and workforce education materials —that align with each step of the Program’s five-stage process. The Cyber Readiness Program is available in English, Spanish and Portuguese. The Program will be translated into Chinese, Japanese and French by yearend.

For more information, please contact Adam Benson at 202.999.9104 or

About the Cyber Readiness Institute

The Cyber Readiness Institute (CRI) convenes senior leaders of global companies—including Mastercard, Microsoft, ExxonMobil, Maersk, General Motors and others from around the world—to share best practices and resources to improve the cyber readiness of small and medium-sized enterprises.

The Institute’s co-chairs are Samuel J. Palmisano, retired president and CEO, IBM and current chairman, The Center for Global Enterprise; Ajay Banga, president and CEO, Mastercard; Satya Nadella, CEO, Microsoft; and Penny Pritzker, former U.S. Secretary of Commerce and current chairman, PSP Partners. The managing director of CRI is Kiersten Todt, former executive director of the Presidential Commission on Enhancing National Cybersecurity.