Wednesday, October 14, 2009

NIST Small Business InfoSec document - a guide for small and medium business

NIST has released Small Business Information Security: The Fundamentals, a best-practice guide for small businesses. This is certainly a good step forward. Threats for this segment are no different from those facing large enterprises; even the PCI Council's recommendations, Skimming Prevention: Best Practices for Merchants, can be used by companies including small shops.

"PCI's Russo says the guidelines are for all sizes of retailers, but are especially geared for helping mom-and-pop retailers: 'A small merchant that makes pizza isn't going to know much when someone with a terminal shows up with a business card and says he's there to put in a replacement, but is doing something [malicious] with it and leaving it there.'"

However, most of these threats can be easily mitigated by adopting some basic systems, and the NIST document is an excellent place to start.
