A cyber security program for small business is a set of activities including security policies and security controls that are designed to prevent a successful cyber-attack against your business and recover from a cyber-attack quickly and completely.
The most fundamental way to outline the technical goals of a of a cyber-security program is that it should provide Confidentiality, Integrity and Availablity (CIA) assurances for the IT systems and the data that comprise the organisations data ot IT assets.
The specific details of a cyber-security program depaends on each organisations unique business operations, technology environment and risks.
There are many reputable industry standards such as NIST, ISO and OWASP, there serve to consolodate information and make it available to those looking at designing and managing a cyber-security program