# Small Business Cyber Risk Prioritization

A practical method for ranking account, device, vendor, and data risks before buying tools.

## Prioritization Method
- List the systems, accounts, vendors, and data that keep operations moving.
- Score each risk by likelihood, impact, and ease of mitigation.
- Start with identity, backups, phishing reporting, and recovery access.

## Decision Rules
- Fix high-impact, low-effort issues first.
- Assign every action to an owner and review date.
- Treat tool purchases as implementation projects, not one-time fixes.

## Related Actions
- Open cybersecurity checklist: /tools/cybersecurity-checklist-tools
- Explore cybersecurity courses: /courses/cyber-101