Logo Image

Cyber attack preparedness

UD program helps small businesses develop the capabilities to manage cyber threats

The recent upsurge in cyber attacks has significantly increased the vulnerability of Delaware’s small business community.

In response, the Delaware Small Business Development Center (DSBDC), a unit of the University of Delaware’s Office of Economic Innovation and Partnerships (OEIP), developed and launched an initiative to prepare these businesses to respond to such threats.

The program, DatAssured, is designed to raise awareness in the small business community and to develop the capability to manage the threat and the potential impact of an attack with minimum business disruption. DatAssured is a component of the UD Cybersecurity Initiative, which was established in 2014 following the award of a National Science Foundation grant to the University’s Department of Electrical and Computer Engineering (ECE) in 2012.

Ken Barner, professor and chair of the ECE department, said, “Cybersecurity is critical to institutions of all sizes, but is particularly acute for small businesses with limited resources. The strong partnership between the University, including the ECE department, the Cybersecurity Initiative, and DSBDC, and the Delaware Department of Technology and Information (DTI) is critical to addressing the security landscape that will help support Delaware small businesses.”

Since its inception, the DatAssured has received strong endorsement from the business community. Six workshops targeted to different industry segments have been offered to the small business community to educate business owners on cybersecurity best practices and how to recover from a cyber attack.

Attendees from each workshop worked through and left with the DatAssured Small Business Cybersecurity Workbook, the cornerstone education piece developed by Artemis InfoSec, a cybersecurity consulting firm, and OEIP.

Following recent discussions with DTI, the program was reviewed with Gov. Jack Markell’s Delaware Cyber Security Advisory Council (DCSAC) with the proposal that DSBDC take the responsibility to coordinate and integrate such activities into a statewide initiative. The DCSAC formally adopted small business as a priority and assigned the DatAssured program to its Sub Committee on Best Practices.

James Collins, the state of Delaware’s chief information officer, said, “This program meets a critical need within the business community. We are excited about the partnership with UD and how this initiative complements the work of DTI and the Delaware Cyber Security Advisory Council.”

The initiative was discussed recently at the seventh annual Secure Delaware Workshop in Dover where DSBDC conducted two break-out sessions in the day-long conference targeted at small businesses. One session coached the businesses to carry out a risk assessment and develop a recovery plan. The other session was a panel discussion between the major cybersecurity educators across the state to update attendees on progress and to allow attendees to suggest opportunities for program expansion and education improvement.

Two areas were uncovered. One was a program to raise awareness among the small business community regarding the seriousness of the threat thereby encouraging them to participate in the program. The other was to customize the program by business segment and to relate risk to Delaware’s cyber security policy and procedures.

According to Daniel Eliot, who manages the DatAssured program, “The last year of this program really highlighted the need for cybersecurity education targeted towards small businesses. We were excited to see so many people engaged at this conference and to hear suggestions from small businesses and cybersecurity vendors on how we can continue to improve and expand DatAssured.”

David Weir, director of OEIP, noted that “the success of this program gives us a glimpse into the capabilities that UD possesses to affect positive change and improve the prosperity of the state when it shapes and aligns its strengths to the needs of the state and the private sector.”