A cyber attack can break a small business, and now the Pikes Peak Small Business Development Center has launched a statewide program to help small-business owners get ahead of the threats.

“We have now fully launched our cybersecurity for small business program, which we lovingly call Cyber CYA — Covering Your Assets,” said Pikes Peak SBDC Executive Director Aikta Marcoulier.

The Cyber: CYA training and workshops meet an urgent need, she said. With 43 percent of cyber attacks targeting small businesses, understanding cybersecurity is as essential to survival as understanding cash flow.

Bonnie Moss, executive director of SMB iSAO [Small and Mid-Sized Business Information Sharing and Analysis Organization], said the majority of small and micro companies go under following a cybersecurity breach.

“Small businesses suffer the most egregious attacks because hackers are very aware of their vulnerabilities,” Moss said in an email. “Worse, SMBs are overlooked in the cybersecurity space. They’re often left to their own defenses which can mean limited resources, finances and cybersecurity education.”

The Cyber: CYA program was developed in response to a void in the state’s cybersecurity readiness landscape.

- Advertisement -

“The one thing that isn’t being done is a focused effort on a series just for small business,” Marcoulier said. “I want people to know that we’re not waiting on other groups to make this happen, because this is our area of expertise. We’re workshop people; we do it really well.”

Cyber: CYA is designed to bring small-business owners the information they need, in language they can understand, in their own cities.

One of the first topics Cyber: CYA will focus on is NIST SP 800-171 — known less colloquially as the National Institute of Standards and Technology Special Publication 800-171 — a set of 110 cybersecurity controls and reporting standards mandated by Defense Federal Acquisition Regulations System. Companies doing business with the Department of Defense or DoD contractors must comply with NIST SP 800-171 by Dec. 31, or face losing their contracts.

“The Gist on the NIST 800-171” workshop will be held Dec. 7 at Pikes Peak SBDC.

Editor’s note: Read more about Cyber: CYA in this week’s print edition of the Business Journal.