What do we know so far: Security threat is expanding in scope, cyber criminals are targeting small and medium size business more and more due to the fact that business of this size are less likely to have an effective security system in place and make them an easy target. Just remember when ransomware started and who were the biggest victims in that period.
To battle modern security threats in a digital age any business needs to be well equipped and have some basic protection in place for their endpoints, e-mail, data storage (especially personal data), network and any additional systems or services you use such as cloud. Aside from the obvious need for top management/owner buy-in, to achieve this, an organization needs to have:
1. the right people with information security backgrounds
2. the right security solutions implemented and configured and
3. the appropriate security policies, standards and procedures implemented.
Now, we cannot opensource people because we are not allowed to, but we do care and talk about extensively on InfoSec career paths and getting more people into it. You can read more on this in our Forum.
Regarding the other 2 points you are in luck because we are here to help you with open source security solutions and security policies, standards and procedures! We want to give you all the tools necessary so you can secure your business, for free. Yeah, free. So, you have no excuses now, it is simply up to you to get into this and secure your business.
For open source policy, standards and procedures templates just go to our Free Tools page and get all the stuff you need. If we don't have a template you are looking for write us and we will work on it asap and add it to the library!
ABIIS believes in free knowledge sharing and community driven development, join us and contribute. Spread the good word.