Blue Cyber Initiative provides road map to cybersecurity success for small business Published Feb. 7, 2022 By Michele Ruff Headquarters, Air Force Materiel Command WRIGHT-PATTERSON AIR FORCE BASE, Ohio -- The largest corporations in the world have been the targets of cybercrime. What chance does a small business with just a few employees have of fending off malicious exploitation? If Small Business Innovation Research (SBIR) or Small Business Technology Transfer (STTR) firms follow the Defense Federal Acquisition Regulation Supplement clauses in their contracts to the letter, their chances of being cyber-secure are excellent. The problem is that defense industrial base small businesses struggle to comply with the complicated DFARS security requirements. They may need to obtain the help of cybersecurity experts to support their business. Recently, the Department of Defense has put new effort into existing regulations to ensure small businesses contracted by the government are prepared to provide adequate protection to their networks, their intellectual property and DoD’s sensitive data. To assist in compliance, a new initiative called Blue Cyber is assisting Air Force small businesses better understand the DoD cybersecurity requirements, making them easier to navigate while also providing an outreach forum for support. The Blue Cyber program reaches out to Air Force, Space Force and DOD contractors to ensure they are aware of the cybersecurity and information protection requirements in their contracts and then supplies them with the state and federal resources to implement them. The goal is for no questions to go unanswered. Kelley Kiernan recognized the need for small business cybersecurity outreach while serving as the Chief Technology Officer in the SBIR/STTR program office. “As small businesses drive innovation and support the Department of the Air Force missions with cutting-edge technologies, it is vital we work together to protect sensitive data and networks,” Kiernan said. Kiernan, a scientist, engineer and small business champion, reached out to the Air Force Chief Information Security Officer to propose a solution.She was subsequently detailed to the office, and in her new role created the Blue Cyber initiative which is supported by the innovation arm of the Air Force and Space Force -- AFWERX. Blue Cyber has three components; the first is 20 short, ultra-relevant presentations created so that Department of the Air Force contractors, prospective companies and their government partners can understand the DoD cybersecurity and information protection regulations at their own pace. The second component is the “Air Force/Space Force Chief Information Security Officer’s Blue Cyber Ask-Me-Anything” webinar which provides current cybersecurity content and guest speakers from organizations such as National Institute of Standards and Technology and the Department of Defense Cyber Crime Center, or DC3. The unique, live events are held every Tuesday from 1-3 p.m. ET via Zoom. Kiernan and her team talk with over 100 current Department of the Air Force contractors every week, with the goal to reach prospective companies as well. These events and other Blue Cyber news may be found on LinkedIn by following USAF SBIR/STTR. Finally, Kiernan allocates three hours each day where she takes one-on-one calls. She hears company’s unique challenges and directs them to federal and state resources to guide them to cybersecurity compliance success. This outreach has the direct effect of aiding the Air Force small businesses by help them protect their own intellectual property, their employee personal information and sensitive DoD data. “Failure to protect our sensitive data will put service members and military missions at risk. We must match the aggressiveness of our cyber adversaries with radical teamwork to bring our small businesses up-to-speed in the most modern methods for comprehensive protection of DAF sensitive data and networks,” said Kiernan. Future Blue Cyber efforts will include a free Cybersecurity Boot Camp to supply contractors and prospective contractors with the most current resources. The outreach targets for 2022 include academic and research institutions as well. Blue Cyber is a roadmap to fulfillment of the DoD’s cybersecurity requirements and increased opportunities for small business innovation. For further information on the Blue Cyber Education Series see www.safcn.af.mil/CISO/Small-Business-Cybersecurity-Information/ or contact Kelley Kiernan at firstname.lastname@example.org.