· Government-provided CTI is helpful to small businesses within the DIB in preventing and responding to cyber-attacks, providing a firm is familiar with the government-provided CTI feeds. (H1.2a, H1.2b)

o A large percentage of firms are not familiar with the government-provided CTI feeds and consequently are not utilizing the information in preventing and responding to cyber-attacks. (H1.1a, H1.1b)

· Financial constraints are a major barrier for small businesses within the DIB to the effective utilization of government-provided CTI. (H2)

· Familiarity with government-provided CTI by a small business within the DIB is associated with the firm being periodically reviewed by DCSA or being CMMC compliant. (H3a, H3b)

· Small businesses within the DIB perceive external threats as more likely to cause a future cybersecurity breach for their firms than internal threats. (H4)

· The portion of the IT budget devoted to cybersecurity related activities by small firms within the DIB depends on the perceived probability that the firm would be the victim of a cyber-attack from an external threat. (H5)