Past Events

Small businesses are increasingly targeted by cyber threats, often with limited resources to respond. This session equips business owners with practical knowledge and tools to protect their operations, customers, and reputation.

Session highlights:

• Learn how cyber threats impact small businesses and why awareness matters.
• Recognize phishing, ransomware, and other risks that target small enterprises.
• Hear about local incidents to understand vulnerabilities close to home.
• Understand the financial, legal, and operational consequences of cyberattacks.
• Build a foundation for safer business practices and data protection.
• Develop daily habits to reduce risk and improve security.
• Discover affordable solutions tailored for small business needs.
• Foster awareness among staff and build a security-first mindset.
• Stay informed about regulations and responsibilities affecting your business.

Join the NIST National Cybersecurity Center of Excellence (NCCoE) on August 27, 2025 for a virtual event dedicated to exploring Secure Software Development, Security, and Operations (DevSecOps) practices. This interactive event will showcase the NCCoE’s plans to develop guidelines that demonstrate the implementation of best practices based on NIST’s Secure Software Development Framework (SSDF) and gather feedback to inform the project.

Join the NIST NCCoE for a series of virtual working sessions to provide input on the NIST Cybersecurity Framework (CSF) Cyber Artificial Intelligence (AI) Profile (“Cyber AI Profile). These will serve as a continuation of the April workshop and are intended for cybersecurity and AI leaders. The goal is for attendees to provide detailed, technical input to inform the Profile’s development.  

Each session in this series will explore one of the three Focus Areas planned for the Cyber AI Profile. We will use the Categories in the CSF 2.0 Core to guide our discussions. Topics will include:

• Recap of NIST’s relevant work completed.
• Questions and feedback regarding Focus Area descriptions.
• Identifying key AI considerations for CSF 2.0 Categories.   

Session #1 Topic Background: Securing AI System Components 

The adoption of AI into existing infrastructures introduces new threats and vulnerabilities across data, models, infrastructure, and applications, resulting in unique and diverse cybersecurity and business challenges. These new risks highlight the need for considerations in the areas of governance, risk management strategies, and supply chain, as well as changes to existing cybersecurity practices around access control and authorization policies, updated employee training, revised service agreements with 3rd party AI providers, and network baselines.  This working session will explore how the Cyber AI Profile can support organizations in identifying and mitigating the cybersecurity risks associated with deploying systems in their organizational ecosystems. 

Who should attend? 

These events are open to the public.  We encourage cybersecurity leaders from industry, academia, and government to share expertise on cybersecurity for AI and AI for cybersecurity.  Please come ready to share your knowledge and insights during these interactive working sessions! 

Prepare to Participate: 

If you are unable to attend your desired session, you are welcome to provide us feedback any time by emailing us: [email protected]. 

To prepare for participation in this process, we recommend reviewing the CSF 2.0 Core and learning more about the Cyber AI Profile development effort by reviewing the following resources: 

• NIST Cybersecurity, Privacy, and AI Program
• Blog post:  Managing Cybersecurity and Privacy Risks in the Age of Artificial Intelligence: Launching a New Program at NIST | NIST
• NCCoE Project Page:  Cyber AI Profile
• Cybersecurity and AI Workshop Concept Paper (posted in advance of the April 3, 2025, workshop) 

Visit the event pages for the Conducting AI-enabled Cyber Defense and Thwarting AI-enabled Cyber Attacks sessions to learn more and register! If you are unable to attend your desired session, you are welcome to provide us feedback any time by emailing us: [email protected]. 

Join the NIST NCCoE soon for a series of virtual working sessions to provide input on the NIST Cybersecurity Framework (CSF) Cyber Artificial Intelligence (AI) Profile (“Cyber AI Profile). These will serve as a continuation of the April workshop and are intended for cybersecurity and AI leaders. The goal is for attendees to provide detailed, technical input to inform the Profile’s development.  

Each session in this series will explore one of the three Focus Areas planned for the Cyber AI Profile. We will use the Categories in the CSF 2.0 Core to guide our discussions. Topics will include: 

• Recap of NIST’s relevant work completed.
• Questions and feedback regarding Focus Area descriptions.
• Identifying key AI considerations for CSF 2.0 Categories.   

Phishing is one of the most common types of cyber crime. These scams use convincing emails or other messages, such as text messages or social media messages, to trick users into opening harmful links, downloading malicious software, or submitting sensitive information, such as credentials. These messages are often disguised as coming from a trusted source, such as a bank, credit card company, or even a leader within the business.

Small and medium-sized businesses are not immune to phishing. They are at risk just like their larger counterparts—only smaller organizations typically have fewer resources to prepare for and mitigate phishing risks. However, even with fewer resources, there are still proactive steps organizations of all sizes can take to reduce phishing risks. 

During this NIST small business cybersecurity webinar, we will convene a panel to highlight:

• An overview of different types of phishing attacks in addition to modern, real-world examples;
• Why it’s important to be proactive in protecting your business against phishing;
• Tips for how to spot a phishing attempt;
• Steps to take if you become the victim of a phishing scam;
• Practical steps small businesses can take to reduce your likelihood of falling victim to phishing attempts; and
• Free phishing resources available to businesses for staff training.

Speakers:

• Dr. Shanée Dawkins, Computer Scientist, Visualization and Usability Group, NIST
• Daniel Eliot, Lead for Small Business Engagement, Applied Cybersecurity Division, NIST
• Lessie Skiba, Deputy Managing Director, Cyber Readiness Institute

Small business owners who understand how changes in the cybersecurity landscape affect their operations can make proactive decisions to protect their customers, systems, and brand.

 As federal priorities shift, so do the risks and responsibilities for small business owners trying to stay secure in an increasingly digital world. Learn how regulatory shifts impact small businesses and how to navigate changing compliance requirements.

Stay ahead. Stay informed.

Join Zack Barton and Jake Blacksten as they discuss how to create an efficient cybersecurity emergency response plan. During this webinar, they will note details such as who to contact, and in what order, and provide a checklist of important steps to take in response to a cybersecurity attack.

Businesses join us for a free virtual workshop to learn more about the resources available to help you to protect your company against cyber-attacks. The U.S. Small Business Administration (SBA) and U.S. Cybersecurity & Infrastructure Security Agency (CISA) will be on hand to provide information to help organizations build and maintain a robust and resilient cyber framework. Instructors will present an extensive selection of free cybersecurity services and tools provided by the private and public sector to help organizations further advance their security capabilities.

Start protecting your small business by:

• Learning about cybersecurity best practices
• Understanding common threats
• Dedicating resources to improve your cybersecurity

Registration is required prior to the event. All SBA programs and services are offered on a non-discriminatory basis.

Learn how to prevent and protect from data loss and data leakage resulting from cyber threats. At the end of the course, participants will have multiple, actionable steps to both recognize attacks as well as new behaviors that will thwart attacks.

Copy of the recording and materials will be sent to all attendees.

Supply chain disruptions can hit small businesses hard—but with the right strategy, you can stay stocked, steady, and ready for anything. 

In this webinar, you’ll learn how to protect your product-based business from unexpected delays, shortages, and supplier issues by building a more flexible and diversified supply chain. 

• What a supply chain is—and why it matters for your business
• Common causes of supply chain interruptions (and how to spot them)
• How supply chain diversification can reduce risk and increase resilience
• Real-world examples of small businesses that adapted and thrived
• Practical strategies to map your supply chain and identify vulnerabilities
• Tools and templates to help you get started right away