Case Study & Lessons Learned: Creation and Pilot of a Regional Small Business Accelerator and Cybersecurity Assessment Program

Abstract

Startup companies and originated small businesses are an essential aspect of our nation’s economy, contributing to many organizations that aim, in some cases, to become larger enterprises. As a small business is in the mode of sustaining and growth, minimizing cybersecurity and business resilience threats may not be front and center on the minds of these entities. This paper will provide a case study background about a project and effort – the New Jersey Cybersecurity Regional Cluster (NJCRC) - that has contributed significant outreach to New Jersey small businesses to provide free cybersecurity risk assessments to help small businesses prepare their organizations against technical, operational, and cyber and information security resilience threats. In addition to the background of this outreach activity, the process and procedures followed, along with the selected cybersecurity risk assessment framework, a theoretical model followed, challenges, and learned lessons are demonstrated