Cybersecurity Readiness For Small Businesses
Small businesses are increasingly vulnerable to cyberattacks, and their limited resources often leave them ill-equipped to defend against these threats. In 2021, out of 34 million cyberattack attempts, 43% targeted small businesses, resulting in significant financial losses. Virginia’s concentration of federal and defense organizations makes small businesses here a critical link in national security. To address this challenge, Old Dominion University (ODU) is embarking on a project that leverages its cybersecurity expertise and the resources of its Business Development Center (BDC) to support small businesses in tackling cybersecurity issues. This initiative falls under the Cybersecurity for Small Business Pilot Program, which provides grants for counseling and training services. We seek an award of $1,000,000 to serve approximately 400 small businesses, helping them address cyber threats and vulnerabilities.
Virginia has positioned itself as a leader in the cybersecurity industry, fostering an environment of innovation and public-private partnerships. It has various programs such as the Cybersecurity Business Development Program, helping companies enhance their cybersecurity capabilities, and the Cybersecurity Workforce Development Program, which builds a skilled cybersecurity workforce. To protect data and systems, Virginia’s Information Technologies Agency maintains a directorate dedicated to security. With cyberattacks on the rise, the state is actively working to secure its technology infrastructure.
ODU’s project aims to simplify NIST control guidelines, automate cybersecurity compliance, and provide cybersecurity training. Central to the project is the Cybersecurity Compliance Challenges to Small Business (C3SB) tool, offering a cost-competitive, cloud-based project management and security compliance solution. The project leverages the expertise of the Business Development Center (BDC) at ODU, which has a strong network of small business clients and offers personalized business consulting services, workshops, and support.
Performance Measures, Metrics & Outcomes:
The project’s outcomes include increased cybersecurity maturity in small businesses, leading to regional cybersecurity enhancement and economic benefits. Milestones of the project encompass preparing simplified NIST control elements, automating compliance and risk management, and cost-effective cybersecurity compliance. Performance measures include the number of small businesses reached and served, resolved cybersecurity cases, increased cybersecurity awareness, client satisfaction, cost savings, and Federal Acquisition Regulation (FAR) 52.204-21. The project also conducts training events, webinars, and workshops.
Direct Benefit to Small Business Communities and Clients:
The project directly benefits small businesses by simplifying cybersecurity training and awareness process. Small businesses will fortify their businesses with cybersecurity shield, enabling them to focus on growth and innovation while securely adopting new technologies. This initiative promotes regional economic growth by strengthening small businesses’ cybersecurity posture.
The project collaborates with ODU’s Cybersecurity Department, BDC, and partner organizations. The collaborative approach combines cybersecurity expertise, training content development and delivery, and small business outreach and support, making the project more effective and affordable for small businesses.
Data Collection & Measurement of Outcomes:
Key data collection elements and metrics include:
- The number of small businesses reached.
- The number of small business clients served.
- The number of resolved cybersecurity cases.
- Small Business Training Satisfaction.
- Potential cost savings.
- Employee satisfaction.
These metrics provide a comprehensive view of the project’s impact and its success in achieving cybersecurity goals for small businesses.