After completing this session, you will be able to: • Recognise that SME’s work toward a company’s goals, not their current size and that cybersecurity cannot be ignored regardless of a company’s size • Realise an SME is never too small to be important and how a better understanding that the security of information environment can help an SME better manage the threats and opportunities related with IT • Discuss how can information security can be explained in one minute and why information security is not complicated, just a little bit complex but yet understandable • Understand why COBIT 5 is applicable for organsations of any size and how the COBIT 5 principles can help SME’s understand the importance of having an security culture adjusted to their reality, yet aligned with good practices