TechSource: Cyber CYA


  The Colorado SBDC Network's

            

Education, consulting, and resources to cover your assets
Secured by:
      


The mission of the Colorado SBDC Network Technology Program (SBDC TechSource) is to help (1) existing and new technology businesses and (2) all businesses to grow and prosper. 

With the receipt of the America's Small Business Development Centers Technology Designation late last year, the Colorado SBDC Network can continue to provide and expand specialized expertise to technology ventures in Colorado, as well as building a robust program of specialized technology support for all business. 

The Pikes Peak SBDC's Cyber: CYA program is built to assist small and medium sized businesses by focusing on topics for all levels of business and their needs from cloud computing, security measures using social media, to securing technology to meet compliance standards in government contracting. 

What's your risk? Find out by using our Risk Assessment tool! 
Take the Risk Assessment!
 

Resource Videos 
Newsworthy-from the experts:

Cybersecurity Resources 

Department of Homeland Security: US-CERT: United State Computer Emergency Readiness Team 


Resources for Small and Midsize Businesses (SMB)

Cybersecurity is critical to any business enterprise, no matter how small. However, leaders of small and midsize businesses (SMB) often do not know to begin, given the scope and complexity of the issue in the face of a small staff and limited resources. To help business leaders get started, DHS has provided a list of top resources specially designed to help SMBs recognize and address their cybersecurity risks.
  1. Toolkit for Small and Midsize Businesses (SMB) Table of Contents 
  2. Begin the Conversation: Understanding the Threat Environment 
  3. Getting Started: Top Resources for SMB 
  4. Cybersecurity for Startups 
  5. C3 Voluntary Program Outreach and Messaging Kit 
  6. SMB Leadership Agenda 
  7. Hands-On Resource Guide 
  8. Stop. Think. Connect. Toolkit
Cyber Hygiene (CH) is a no-cost, voluntary DHS assessment encompassing continuous configuration error and vulnerability scanning of public, internet-facing information systems. As potential issues are identified, DHS works with impacted entities to proactively mitigate threats and risks to their systems prior to exploitation by malicious third parties. A report is provided to all participants on a recurring basis which includes remediation and mitigation recommendations to address identified vulnerabilities, allowing them to improve their cybersecurity postures. I have attached a sample report that businesses would receive on a recurring basis as part of the Cyber Hygiene Program. Us this  document to sign up (Acceptance Letter). Feel free to distribute to SMBs for them to take advantage! View a sample report here. 

Small Business Administration (SBA) Training
This 30 minute, self-paced training exercise provides an introduction to securing information in small businesses. For more information, please visit this link here.

Federal Small Biz Cyber Planner T
This tool helps businesses create custom cybersecurity plans. The Small Biz Cyber Planner includes information on cyber insurance, advanced spyware, and how to install protective software.  For more information, please visit this link here.

Internet Essentials for Business 2.0 
This guide for business owners, managers, and employees focuses on identifying common online risks, best practices for securing networks and information, and what to do when a cyber incident occurs. For more information, please visit this link here.

NACD Cyber-Risk Oversight Handbook
The National Association of Corporate Directors (NACD), in conjunction with AIG and the Internet Security Alliance, has identified five steps all leadership and management teams should consider as they seek to enhance their oversight of cyber risks. The NACD Cyber-Risk Oversight Handbook can be found here.

White Paper: Every Small Business Should Use the NIST Cybersecurity Framework
This white paper from eManagement can help SMBs understand and use the National Institute of Standards and Technology (NIST) Cybersecurity Framework.  It provides cybersecurity tips for SMBs aligned to the Framework’s core functions: Identify, Protect, Detect, Respond, and Recover. The white paper can be found here.

Geographically Specific Resources 
This collection of cyber resources from various levels of government can help small and midsize businesses recognize and address their cyber risks. Access geographically-specific resources here

National Initiative for Cybersecurity Careers and Studies: 
  • National Initiative for Cybersecurity Careers and Studies recently re-designed their website. This site includes training information with over 3,000 courses you can search to locate a cyber-specific course near you to enhance your skills and knowledge. You can become a course vendor and have courses added to the course catalog at no cost. 
  • On this website, you can also learn about the National Cybersecurity Workforce Framework. This Framework breaks down the cyber field into various competencies which in turn help students understand which area of cyber they want to join and what to study in school. It helps the businesses and governments hiring these graduates because they can better post jobs with the appropriate language aligning to the Framework, thereby hiring the correct talent as well.  
  • For government employees (include state and local) as well as for veterans, there is a link for the Federal Virtual Training Environment, a portal with free online cybersecurity courses for employees looking to enhance their cyber skills and training opportunities.
Zero to Low-Cost Cybersecurity Solutions (Thank you to our partners at Delaware SBDC) 
(Resources on encryption, cloud-based storage, controlling access, password management, etc.) 
Cybersecurity Resources List


BROUGHT TO YOU BY: 



    

SECURED BY: 

 

IN COLLABORATION WITH: 


   


Sign Up For E-Newsletter