Cybersecurity guideline for SMEs (2022)
This SME Guide is based on ISO/IEC 27002 standard and outlines the essential controls for SMEs to protect user’s privacy and data and ensure GDPR compliance, and reach the essential level of protection via the implementation of cybersecurity standards.
Out of the 114 controls presented in the ISO/ICE 27002 standard, the guide presents 16 essential controls that SMEs need to implement to provide adequate protection for their digital assets.
The controls cover four main categories:
- Partially Organisational/Technical
- Technical (ICT related)
In addition to raising awareness of cybersecurity, this implementation guide aims to contribute to the ongoing efforts to upgrade the digital intensity of SMEs. Cybersecurity SMEs can use this guide to tailor solutions for non-ICT SMEs and strengthen their security requirements, while upgrading their level of digital capabilities.