Small Business Cybersecurity

Course Overview

We at Guardian Angel IT are so excited to have you here. We're small business owners ourselves, with a deep passion for IT and cybersecurity.

The main reason for creating this course was to help level the playing field between small and large businesses when it comes to cybersecurity.

This comprehensive course is designed for small business owners, partners, and employees to gain a solid understanding of the cybersecurity landscape as it applies to small businesses.

While it covers a ton of information, throughout the course we try to carefully distill the parts that are most important information to help small businesses thrive.

We also know (from firsthand experience) that small businesses need to do things on a tight budget. Luckily, it doesn't take a lot of money to have a strong defensive security posture!

Throughout the course, we try to promote a behavior, configuration, and education-first approach. This allows any business to start building a strong defense with little or even no monetary investment.

We present a range of options to enhance security, highlighting those that are lower cost and presenting a comprehensive framework for building an approach to cybersecurity that can start for free and grow with your business!

Covered in this Course

The course is divided into several sections:

Introduction - The first section provides an introduction to cybersecurity, focusing on topics of relevance to small businesses. Topics include: an introduction to cybersecurity, the small business advantage in cybersecurity, what cyber attacks are, an introduction to cybersecurity tools, defensive and offensive cybersecurity practices, social engineering, and the MITRE ATT&CK framework.

Cybersecurity Technologies for Small Businesses - We dive into the details of the most important technologies available including firewalls, antivirus, EDR (endpoint detection and response), SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and XDR (eXtended Detection and Response).

Defensive Cybersecurity for Small Businesses - In this section, we dive deeper into how defensive cybersecurity works. We'll take a look at the SOC (Security Operations Center) and how incident response, threat hunting, and digital forensics works. While most small businesses won't be managing a SOC themselves, its important to know what it is, how it works, and what lessons small businesses can extract. We'll look at how small businesses can create a strong defensive posture by using a layered approach to security, implementing powerful technologies at the network, device, and application levels. We'll also look at 'active' defensive measures like honeypots, and see how - despite being a tools used almost exclusively by large companies - they can be deployed at low cost to maximize the efficacy of our entire defensive systems.

Offensive Cybersecurity for Small Businesses - Currently, offensive security services are used almost entirely by large enterprises. But we've found that we can use the tools of offensive security in carefully chosen, targeted scenarios to dramatically improve the defenses of small businesses. In this section, we cover vulnerability assessments, penetration testing, red team engagements, purple teaming, phishing assessments, and more. We also take a look at an offensive security strategy that can be deployed alongside a defensive strategy by even the smallest business with the tightest budgets.

Defensive Strategy and Tactics - This is the largest section of the course. It's designed to take the information from the prior sections and help piece it together in an effective way for small businesses. The overall focus is on formulating and deploying a comprehensive cybersecurity strategy that takes advantage of the available technologies and services we've learned thus far. By the end of this section, we'll have a strong understanding of how to build a comprehensive plan for any business.

Creating and Implementing a Plan - In this last section, we take everything we've learned in the course and use it to create a custom plan for your business that can immediately be put into action!