Helping existing and new science and technology businesses

Cyber: CYA (SBDC TechSource)

The Colorado SBDC Network's Cybersecurity Education to "Cover Your Assets"

The Pikes Peak SBDC’s Cyber: CYA program is built to assist small and medium sized businesses by focusing on topics for all levels of business and their needs from cloud computing, security measures using social media, to securing technology to meet compliance standards in government contracting.

Upcoming Training and Consulting Events

Did You Know?

  • 3 percent of cyber attacks target small business
  • Only 14 percent of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective
  • 60 percent of small companies go out of business within six months of a cyber attack
  • 48 percent of data security breaches are caused by acts of malicious intent (human error or system failure account for the rest)

Free and confidential consulting and low cost workshops are available! Browse our resources and workshops below. Call us with any questions! #CyberAware


What Is SBDC TechSource?

The mission of the Colorado SBDC Network Technology Program (SBDC TechSource) is to help (1) existing and new technology businesses and (2) all businesses to grow and prosper.

With the receipt of the America’s Small Business Development Centers Technology Designation late last year, the Colorado SBDC Network can continue to provide and expand specialized expertise to technology ventures in Colorado, as well as building a robust program of specialized technology support for all business.

The Pikes Peak SBDC’s Cyber: CYA program is built to assist small and medium sized businesses by focusing on topics for all levels of business and their needs from cloud computing, security measures using social media, to securing technology to meet compliance standards in government contracting.

Risk Assessments

Contact the SBDC at or request consulting for your business risk assessment!

Resource Videos

This On-Demand Webinar Library is part of our Techsource: Cyber CYA program, consisting of workshops, resources, webinars, events, and free consulting to help business cover their assets. Below you will find a series of webinars on a variety of cybersecurity-related topics, specifically for small businesses!

Nina Amey
Pikes Peak SBDC Cybersecurity Program Manager

First Steps to Securing Your Business

This workshop will give you the basic information you will need to secure your business from day one. Make sure you start on the right digital foot!

Growing Your Business Securely

This workshop will help you safely and securely grow your business.

Cyber CYA: Cybersecurity for Basic Computing

Many organizations use various computers and communications devices in their business on a daily basis. There are certain risks associated with the use of these devices and business owners should understand what they are and decide if they are willing to accept the risks. The webinar will look at smartphones, personal devices, tablets, laptops, and other digital products most commonly used. The presenter will identify weaknesses, and vulnerabilities and explain best practices to reduce unacceptable risks and methods to recognize threats and eliminate them.

Cyber CYA: Artificial Intelligence (AI) and the Internet of Things (IoT)

Cyber CYA: Requirements Under Colorado and National Breach Law

Cyber CYA: The Accidental Insider Threat

Cyber CYA: How to Find a Good Cybersecurity Company

It is no secret that cyber security is a significant focus for many businesses. With new laws taking affect in Colorado, California and other states, organizations need to understand the risks posed by the computer systems used to manage their day to day activities. How does a business owner shop for a good cyber security company and be assured that they can provide reasonable services that won't break their budget? How does a person be assured that the consultant they hire has the right skillset and will not use scare tactics to intimidate them to purchase services that are not necessarily needed? The presenter will cover these topics and explain how to shop for credible, economical and reasonable cyber security services which will allow them to operate their business more securely.

Cyber CYA: Cybersecurity for Small Businesses

Many small businesses are worried about complying with cyber security requirements but are not sure what they should be looking at. PCI-DSS, HIPAA and other privacy laws are the most common concerns among business owners. In this webinar, we will break down cyber security and explain the minimum things you should be aware of in your business. You will be shown how to conduct a self-assessment of your business processes so as to identify unacceptable risk and mitigate it effectively. The presenter has extensive experience in multiple industries and will be available to respond to questions after the presentation.

Cyber CYA: Policies for Personal Use, Managing Devices on Your Network

Many organizations do not invest in mobile technology for their employees due to the expense and difficulty of managing accountability of the devices. The strategy for many businesses is to allow their employees to use personal devices on the organization's WIFI network. While this strategy may be advantageous, it does bring risk to the organization. Managers should ask a few questions before allowing this type of access. Bring Your Own Device (BYOD) strategies should include formalized policies that address acceptable use of approved devices and roles and responsibilities for users interfacing with certain types of organizational information and data. The presenter will look at several case studies and discuss implications that the audience should consider before implementing a BYOD program.


Russian Cyber Attacks – Memo for Small Businesses

February 24, 2022

Memo for all Small Businesses

From: Dr. Shawn P. Murray, President of Murray Security Services and Lead Cyber Consultant at the Pikes Peak Small Business Development Center (SBDC)
As the world watches further developments between Russia and the Ukraine, many small business owners and managers are wondering what effects there may be on their businesses. It is a good question to ponder, considering that it has been reported that Russia began planning their invasion many months in advance to include cyber attacks on Ukraine’s government and elements of their national critical infrastructure. It has been reported by the FBI and intelligence sources that the Russia planted malware, to include ransomware and advanced persistent threats (APTs) months in advance to degrade Ukraine’s communications and create chaos for government, military and civilians.

World leaders vow to hold Russia accountable and have already imposed sanctions to include freezing bank accounts and restricting Russia’s ability to trade using the American dollar and the Euro. More sanctions will put pressure on Russia to respond to these measures and we believe that may include increased attacks on businesses that are vulnerable to cyber attacks like ransomware in order to raise funds to continue their activities.
As a small business, it is imperative that you have an understanding of your most critical business processes and develop a continuity strategy and plan to protect your assets. Ask yourself these questions to get started:

  1. What information or data does my business process, transmit and/or store?
  2. How is the information or data protected from a cyber-attack or unauthorized disclosure or breach?
  3. How often do you back up your critical information or data? Do you store the backups off site?
  4. What critical applications or programs are required to keep your business operating?
  5. Do you have a backup strategy if these applications or programs are no longer available due to a cyber-attack?
  6. What critical systems or devices are required to keep your business operating?
  7. Do you have a backup strategy if these systems or devices were no longer available due to a cyber-attack?
  8. How long can your operation be down due to a cyber-attack before it negatively disrupts your business?

As a business owner/operator, you must have a contingency plan in place with a solid understanding of effective responses to the questions above. You should have a prioritized list of your critical processes and a recovery schedule for them. You should perform resilience tests as well to ensure you address any deficiencies.

As a small business, this can seem a bit overwhelming! Where does one start to address each area? You don’t have to figure this out on your own. Contact the Small Business Development Center to set up an appointment with a cyber consultant so they can help you create a plan. Other SBDC resources include business continuity, disaster recovery and financial planning to help you mature an effective approach to better understand your business and protect it!

US braces for Russian cyberattacks as Ukraine conflict escalates Here’s how that might play out
By Rishi Iyengar, CNN Business
Updated 8:12 AM ET, Thu February 24, 2022

US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions
By Sean Lyngaas, CNN
Updated 8:58 PM ET, Tue February 22, 2022

Our Cyber Team

Cybersecurity Resources

ASBDC North Star CMM

North Star CMM has developed resources for small businesses that cover a variety of topics and can help your small business navigate the sometimes overly complicated subject matter of cyber and data protection. In addition to our own resources, below you will find resources available from partner organizations that have developed their own materials.

Colorado Governor's Office of Information Technology

The mission of OIS is to provide leadership in the development, delivery and maintenance of an information security program by safeguarding the state’s information assets against unauthorized use, disclosure, modification, damage or loss to support Colorado’s mission to provide secure and sustainable services.

OIS is directly aligned with the goals and objectives of the National Strategy to Secure Cyberspace. Working closely with federal, state, local and private sector partners, the Office of Information Security actively gathers and analyzes information on cyber threats and vulnerabilities that present risk to the state’s information systems or the critical information managed within.

Resources for Small and Midsize Businesses (SMB)

Cybersecurity is critical to any business enterprise, no matter how small. However, leaders of small and midsize businesses (SMB) often do not know to begin, given the scope and complexity of the issue in the face of a small staff and limited resources. To help business leaders get started, the Cybersecurity & Infrastructure Security Agency (CISA) has provided a list of top resources specially designed to help SMBs recognize and address their cybersecurity risks.

Information for Federal Government Contract Compliance and Certifications
DAF CISO Blue Cyber

DAF CISO’s Blue Cyber is dedicated to an early-partnership with Defense Industrial Base small business contractors and potential contractors to arm them with the latest in cybersecurity best practices. 

Federal Communications Commission (FCC): Cybersecurity for Small Business
Federal Small Biz Cyber Planner

This tool helps businesses create custom cybersecurity plans. The Small Biz Cyber Planner includes information on cyber insurance, advanced spyware, and how to install protective software.

National Initiative for Cybersecurity Careers and Studies
  • National Initiative for Cybersecurity Careers and Studies recently re-designed their website. This site includes training information with over 3,000 courses you can search to locate a cyber-specific course near you to enhance your skills and knowledge. You can become a course vendor and have courses added to the course catalog at no cost.
  • On this website, you can also learn about the National Cybersecurity Workforce Framework. This Framework breaks down the cyber field into various competencies which in turn help students understand which area of cyber they want to join and what to study in school. It helps the businesses and governments hiring these graduates because they can better post jobs with the appropriate language aligning to the Framework, thereby hiring the correct talent as well.
  • For government employees (include state and local) as well as for veterans, there is a link for the Federal Virtual Training Environment, a portal with free online cybersecurity courses for employees looking to enhance their cyber skills and training opportunities.
National Institute of Standards and Technology (NIST)
America's Small Business Development Center (ASBDC) NorthStar Small Business Data/Cyber Protection Awareness

Powered by National Cyber Security Alliance, this resource educates and empowers the global digital society.


The Colorado SBDC Network is the recipeint of an SBA grant to support small business cybersecurity education.


Skip to content