Helping existing and new science and technology businesses

Cyber: CYA (SBDC TechSource)

The Colorado SBDC Network's Cybersecurity Education to "Cover Your Assets"

The Pikes Peak SBDC’s Cyber: CYA program is built to assist small and medium sized businesses by focusing on topics for all levels of business and their needs from cloud computing, security measures using social media, to securing technology to meet compliance standards in government contracting.

Did You Know?

  • 3 percent of cyber attacks target small business
  • Only 14 percent of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective
  • 60 percent of small companies go out of business within six months of a cyber attack
  • 48 percent of data security breaches are caused by acts of malicious intent (human error or system failure account for the rest)

Free and confidential consulting and low cost workshops are available! Browse our resources and workshops below. Call us with any questions! #CyberAware

(Source: https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html)

What Is SBDC TechSource?

The mission of the Colorado SBDC Network Technology Program (SBDC TechSource) is to help (1) existing and new technology businesses and (2) all businesses to grow and prosper.

With the receipt of the America’s Small Business Development Centers Technology Designation late last year, the Colorado SBDC Network can continue to provide and expand specialized expertise to technology ventures in Colorado, as well as building a robust program of specialized technology support for all business.

The Pikes Peak SBDC’s Cyber: CYA program is built to assist small and medium sized businesses by focusing on topics for all levels of business and their needs from cloud computing, security measures using social media, to securing technology to meet compliance standards in government contracting.

Risk Assessments

Contact the SBDC at info@pikespeaksbdc.org or request consulting for your business risk assessment!

Resource Videos

This On-Demand Webinar Library is part of our Techsource: Cyber CYA program, consisting of workshops, resources, webinars, events, and free consulting to help business cover their assets. Below you will find a series of 1-hr webinars on a variety of cybersecurity-related topics, specifically for small businesses!

Presented by:

Dr. Shawn Murray
Founder & CAO, Murray Security Services

Newsworthy

Russian Cyber Attacks – Memo for Small Businesses

February 24, 2022

Memo for all Small Businesses

From: Dr. Shawn P. Murray, President of Murray Security Services and Lead Cyber Consultant at the Pikes Peak Small Business Development Center (SBDC)
As the world watches further developments between Russia and the Ukraine, many small business owners and managers are wondering what effects there may be on their businesses. It is a good question to ponder, considering that it has been reported that Russia began planning their invasion many months in advance to include cyber attacks on Ukraine’s government and elements of their national critical infrastructure. It has been reported by the FBI and intelligence sources that the Russia planted malware, to include ransomware and advanced persistent threats (APTs) months in advance to degrade Ukraine’s communications and create chaos for government, military and civilians.

World leaders vow to hold Russia accountable and have already imposed sanctions to include freezing bank accounts and restricting Russia’s ability to trade using the American dollar and the Euro. More sanctions will put pressure on Russia to respond to these measures and we believe that may include increased attacks on businesses that are vulnerable to cyber attacks like ransomware in order to raise funds to continue their activities.
As a small business, it is imperative that you have an understanding of your most critical business processes and develop a continuity strategy and plan to protect your assets. Ask yourself these questions to get started:

  1. What information or data does my business process, transmit and/or store?
  2. How is the information or data protected from a cyber-attack or unauthorized disclosure or breach?
  3. How often do you back up your critical information or data? Do you store the backups off site?
  4. What critical applications or programs are required to keep your business operating?
  5. Do you have a backup strategy if these applications or programs are no longer available due to a cyber-attack?
  6. What critical systems or devices are required to keep your business operating?
  7. Do you have a backup strategy if these systems or devices were no longer available due to a cyber-attack?
  8. How long can your operation be down due to a cyber-attack before it negatively disrupts your business?

As a business owner/operator, you must have a contingency plan in place with a solid understanding of effective responses to the questions above. You should have a prioritized list of your critical processes and a recovery schedule for them. You should perform resilience tests as well to ensure you address any deficiencies.

As a small business, this can seem a bit overwhelming! Where does one start to address each area? You don’t have to figure this out on your own. Contact the Small Business Development Center to set up an appointment with a cyber consultant so they can help you create a plan. Other SBDC resources include business continuity, disaster recovery and financial planning to help you mature an effective approach to better understand your business and protect it!

Resources:
US braces for Russian cyberattacks as Ukraine conflict escalates Here’s how that might play out
By Rishi Iyengar, CNN Business
Updated 8:12 AM ET, Thu February 24, 2022
https://www.cnn.com/2022/02/24/tech/russia-ukraine-us-sanctions-cyberattacks/index.html

US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions
By Sean Lyngaas, CNN
Updated 8:58 PM ET, Tue February 22, 2022
https://www.cnn.com/2022/02/22/politics/russia-sanctions-fbi-cyber-threats-ransomware/index.htm

Our Cyber Team

Cybersecurity Resources

ASBDC North Star CMM

North Star CMM has developed resources for small businesses that cover a variety of topics and can help your small business navigate the sometimes overly complicated subject matter of cyber and data protection. In addition to our own resources, below you will find resources available from partner organizations that have developed their own materials.

Colorado Governor's Office of Information Technology

The mission of OIS is to provide leadership in the development, delivery and maintenance of an information security program by safeguarding the state’s information assets against unauthorized use, disclosure, modification, damage or loss to support Colorado’s mission to provide secure and sustainable services.

OIS is directly aligned with the goals and objectives of the National Strategy to Secure Cyberspace. Working closely with federal, state, local and private sector partners, the Office of Information Security actively gathers and analyzes information on cyber threats and vulnerabilities that present risk to the state’s information systems or the critical information managed within.

Resources for Small and Midsize Businesses (SMB)

Cybersecurity is critical to any business enterprise, no matter how small. However, leaders of small and midsize businesses (SMB) often do not know to begin, given the scope and complexity of the issue in the face of a small staff and limited resources. To help business leaders get started, the Cybersecurity & Infrastructure Security Agency (CISA) has provided a list of top resources specially designed to help SMBs recognize and address their cybersecurity risks.

Information for Federal Government Contract Compliance and Certifications
DAF CISO Blue Cyber

DAF CISO’s Blue Cyber is dedicated to an early-partnership with Defense Industrial Base small business contractors and potential contractors to arm them with the latest in cybersecurity best practices. 

Federal Communications Commission (FCC): Cybersecurity for Small Business
Federal Small Biz Cyber Planner

This tool helps businesses create custom cybersecurity plans. The Small Biz Cyber Planner includes information on cyber insurance, advanced spyware, and how to install protective software.

National Initiative for Cybersecurity Careers and Studies
  • National Initiative for Cybersecurity Careers and Studies recently re-designed their website. This site includes training information with over 3,000 courses you can search to locate a cyber-specific course near you to enhance your skills and knowledge. You can become a course vendor and have courses added to the course catalog at no cost.
  • On this website, you can also learn about the National Cybersecurity Workforce Framework. This Framework breaks down the cyber field into various competencies which in turn help students understand which area of cyber they want to join and what to study in school. It helps the businesses and governments hiring these graduates because they can better post jobs with the appropriate language aligning to the Framework, thereby hiring the correct talent as well.
  • For government employees (include state and local) as well as for veterans, there is a link for the Federal Virtual Training Environment, a portal with free online cybersecurity courses for employees looking to enhance their cyber skills and training opportunities.
National Institute of Standards and Technology (NIST)
America's Small Business Development Center (ASBDC) NorthStar Small Business Data/Cyber Protection Awareness
StaySafeOnline

Powered by National Cyber Security Alliance, this resource educates and empowers the global digital society.

PROGRAM BROUGHT TO YOU BY:

The Colorado SBDC Network is the recipeint of an SBA grant to support small business cybersecurity education.

THANK YOU TO OUR PARTNERS:

Skip to content