On March 28th I will be participating in a “Orange County Cyber Security Business Summit” as a panelist, with the focus of providing attendees with educational resources that focus on improving the current status of local businesses relative to potental challenges associated with data protection and privacy. In an article last month on the Small Business Computing website, the following sobering facts were disclosed:

• Forty-eight percent of SMBs say a major data breach would likely shut their business down permanently, according to the results of a recent AppRiver survey of 1,059 cyber security decision makers at SMBs with fewer than 250 employees.
• In some sectors, that proportion is even higher. 71 percent of financial services and insurance SMBs said a major breach would be fatal to their businesses, and 62 percent of healthcare SMBs and 60 percent of business consulting SMBs said the same.
• Seventy-one percent of SMBs said they’ve experienced at least one attempted cyber-attack within the last quarter, and 64 percent said cyber-attacks are “prevalent” among businesses such as theirs.

In its 2017 State of Cybersecurity Among Small Businesses in North America report, the Better Business Bureau noted, “it is time to focus on comprehensive cybersecurity solutions that are customized for the needs and constraints of smaller businesses.”

We are fortunate in Orange County to have two California community colleges that have obtained the National Security Agency / Department of Homeland Security designation as Centers of Academic Excellence in Cyber Defense (CAE). These colleges are are championing a potential grant funded effort that is designed to place students presently enrolled in the Region’s community college cybersecurity programs in internship positions that will be designed to help businesses achieve a reasonable level of defensive measures designed to provide additional protection from cyber-attacks. Students will help businesses to identify “no cost” or “low cost” resources that will enable businesses improve their resistance to cyber-attacks. As an example, we know that employee cybersecurity awareness training is a key component of a defensive program. “No cost” awareness training is available from the following resources:

• Small Business Big Threat
• Enjoy Safer Technology

Proof of substantive evidence of both a need and a resulting chance of success can be provided by identifying an existing program that mirrors much of what we plan to do. We believe it important to point out what has been accomplished through the efforts of the SBDC operating in the State of Kansas. Examples of specific SBDC activities over the past year have included:

• In partnership with the University of Kansas School of Business, providing small businesses with the opportunity to complete an online Cybersecurity Assessment that will be utilized to assist small businesses in their development of appropriate policies and procedures designed to reduce business risks associated with cyber-attacks.
• In partnership with the University of Kansas (Professional and Continuing Education Division), provide a free online course titled “Cybersecurity for Small Business.”

As we move forward with this effort, periodic updates will be provided on this blog site. If you are interested in hosting an intern, please provide your contact information by clicking HERE.

For additional information please reach out to Steve Linthicum (linthicum_steve@rsccd.edu).

I’m just about done with the CompTIA Train-the-Trainer class that finishes up next week. A couple of weeks after that I’ll receive my voucher for the new “core 2” exam (220-1002). Once I have that in hand I’ll schedule it along with the “core 1” exam (220-1001). The last week of March I’ll start taking the Train-the-Trainer class for the new Linux+ exam.

As a side note, wanted to share something that I’m distributing to faculty across Southern California. My advice to them is they need to share with their students the value of “networking” with industry professionals. That advice is shown below:

Here in Southern California we have a variety of national and international organizations that provide this ability to network on a local level. Specific networking opportunities you may want to consider getting involved with include:

• Infragard – An FBI created public/private partnership. Joining requires you go through a process characterized as a “security risk assessment.” There is are local chapters located in San Diego and Los Angeles.
• ITDRC – The Information Technology Disaster Resource Center is a volunteer organization that provides communities with the technical resources necessary to continue operations and begin recovery after a disaster. It harnesses the collective resources of the technology community to provide no cost Information, Communications, and Technology (ICT) solutions that connect survivors and responders in crisis.
• ISSA – The Information Systems Security Association is an international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. There are local chapters located in San Diego, Orange County, and Los Angeles.
• ISACA – The organization engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.  There are local chapters located in San Diego, Orange County, and Los Angeles.
• (ISC)2 – An international association for information security leaders, committed to helping its more than 140,000 certified members learn, grow and thrive. There is a local chapter located in San Diego.
• AITP – The Association of Information Technology Professionals was created in partnership with CompTIA, and serves as the go-to resource for individuals seeking to start, grow and advance a career in technology. There are local chapters in San Diego and Los Angeles.