Small to medium sized businesses can get the information, education and support they need to comply with new Dept. of Defense (DoD) information security protocols through the Alabama Cybersecurity Coaching, Education and Support Services (ACCESS) program.
A partnership between the Office for Operational Excellence (OOE) and the Information Technology and Systems Center (ITSC) at the University of Alabama in Huntsville (UAH), ACCESS is supported by a one year, $500,000 grant awarded by the Dept. of Defense Office for Economic Adjustment.
OOE and ITSC will assist Alabama companies in becoming compliant with the new DoD cybersecurity requirements and in affordably developing plans to improve cybersecurity systems.
A free, two-hour workshop is planned Oct. 31 at the Huntsville/Madison County Chamber of Commerce, 225 Church St. NW, in conjunction with the UAH Small Business Development Center (SBDC), the UAH Procurement Technical Assistance Center (PTAC) and the Huntsville/Madison County Chamber of Commerce.
Future workshops will be held across Alabama. “We are collaborating with the SBDCs and PTACs across the state, along with several Chambers of Commerce and economic development agencies, to reach more of the suppliers in Alabama and to conduct the workshops,” says Joe Paxton, OOE director.
Workshops will cover what the DoD supplier requirements are, why compliance is important, the compliance process and how ACCESS can help.
“All DoD suppliers that fall anywhere within the supply chain and handle Controlled Unclassified Information (CUI) are required to have certain controls in place to protect that information,” says Tucker. “Safeguarding this information is critical to national security and the security of our DoD industrial base.”
The average cost of a data breach is $7.3 million, according to the 2017 Ponemon Cost of Data Breach Study sponsored by IBM. The Small Business Administration says many small businesses that suffer a data breach go out of business within six months.
“Furthermore, companies that are not compliant could be at risk of losing current DoD contracts or not being able to bid on new ones,” Tucker says.
Among breach companies, 61 percent have fewer than 1,000 employees and many typically do not have the resources to fully understand and address DoD requirements, which is why support is being offered, Tucker says.
“Additionally, suppliers in lower tiers of the supply chain may not yet know about the requirements,” he says. “The workshops we are conducting will help educate them and the technical assistance will help them become compliant.”