Proposal
Chris Evans
Group H
CYSE 494 Entrepreneurship in Cybersecurity
Old Dominion University
Summer 2023
What is problem being addressed?
My proposal is to create Big Blue Cybersecurity Consultants (BBCC) a cyber security consulting company leveraging the expertise of cybersecurity graduates of Old Dominion University and offering the marketplace the services of, employee security awareness and training, vulnerability assessments, secure network configurations, and network monitoring. Currently cybersecurity is a field that is growing exponentially as more people, businesses, and organizations move online and need to be protected from hacks and attacks. This requires a competent technical workforce to ensure that the computers and networks we rely on for infrastructure, education, and commerce are secure against disruptions, thefts, and destruction. Cyber-attacks and ransom ware losses and damages have entered the billions of US dollars to our economy. Our consultancy addresses the fears that organizations have as they rely on complex computer systems and networks, amass large amounts of data that needs to be kept confidential, and navigate regulatory frameworks that require technical knowledge to fully comply with. Many organizations lack the resources to devote to in-house cybersecurity teams, or those teams lack expertise in the complex and dynamic threat landscape. BBCC stays up to date on the threat landscape, attack techniques, and solutions to keep customers networks secure and operational. For many companies a loss of computer resources can have catastrophic consequences affecting market reputation, regulatory compliance, and continued operation. With our knowledgeable team of experienced employees and technicians we help organizations keep their computer infrastructure and data available when they need it, confidential and hidden from unauthorized disclosure, and sound and secure from unauthorized modifications.
How do you know it’s a problem?
Big Blue Cybersecurity Consultants is a small group of highly educated graduates of Old Dominion University’s Cybersecurity program, a recognized National Security Agency National Center of Academic Excellence in Cyber Operations. ODU students benefit from a cybersecurity curriculum that is interdisciplinary and rigorous, as only 12 bachelor’s programs across the US have achieved this designation. Our team members are educated on the current state of cybersecurity and cyber threats as well as best practices on how to protect the networks of our clients. This broad cybersecurity knowledge base and technical skill informs our team of the multitude of problems organizations can have when they create and use computing resources and networks, and the types of cyber criminals and hackers that exist attempting to take advantage of them. A testament to the necessity of professional cybersecurity consultant services is the increasing amount of cybercrime and ransomware attacks affecting millions of Americans and costing billions of dollars in lost revenue, regulatory penalties, and infrastructure repair. Companies without strong cybersecurity policies are in danger of being attacked and compromised by an ever-growing number and severity of cyberattacks.
What are you going to do about the problem?
In order to help our customers strengthen their cybersecurity posture, Big Blue Cybersecurity Consultants offers four main services. The first is employee security awareness and training. This is training based on industry best practices and current technology and designed by BBCC for employees or users in your organization to use their computing resources safely and effectively. We teach how to avoid common social engineering attacks, safe computer usage, and what types of behavior is needed by all users to keep an organization secure. We also provide the organization with ways to continue to monitor and track employee behavior for safety and compliance. Our second main service is vulnerability assessments of an organizations digital assets, systems, and infrastructure in search of vulnerabilities and weaknesses that could be used for an attack. We will discover these vulnerabilities and weaknesses and then generate a report on our findings and begin working to resolve these issues. The third service we offer is designing secure network configurations for your organizations needs, budgets, and regulatory jurisdiction. We will design your network, choose devices, and implement the most up to date security configurations and protocols to maximize security and limit vulnerabilities that attackers can take advantage of. This will help your organization implement access controls, monitoring, and logging, and ensure redundancy and availability. If the customer chooses, they can also select our fourth core service network monitoring where we continue to provide support, patch management, monitor logs, and monitor network activity for unusual or malicious activity.
What barriers do you expect to confront?
Barriers we expect to confront include the reluctance of organizations to begin working with a new startup security company, gaining customer trust about our recommendations, and reluctance of organizations to prioritize cybersecurity. Choosing to work with a new startup is always a gamble and so we hope to gain our customers trust by providing solutions to their problems in a professional, fast, and thorough manner. We will prove ourselves to be reliable sources of guidance for the problems of our customers as we gain their trust and commit ourselves to growing our consultant’s knowledge experience. Gaining our customers trust will be critical to retaining them as customers and will be accomplished through BBCC choosing to remain focused on satisfying fewer clients, rather than growing the number of clients early on. We want every client to know they are not a number but a relationship we hope to build long term. The remaining big barrier we foresee is organizations being reluctant to commit to prioritizing cybersecurity and spending resources in that direction. We will overcome this buy educating our clients about the importance of securing their networks and being in regulatory compliance. Gaining the complete participation of those in control of decisions making in our client’s organizations will be critical to implementing our recommendations and improving their security.
How will you know if you are successful?
Success to Big Blue Cybersecurity Consultants will rest upon three points, gaining customers and earning their repeated business, successfully defending and securing computers and networks preventing loss to our customers, and creating relationships within the cybersecurity community to raise public knowledge of cybersecurity topics and our team members continued growth and maturation in the industry.
To gain customers and earn their repeated business BBCC must have professional knowledgeable consultants, efficient processes, and the skills to implement solutions for our customers. The biggest indication we are helping customers solve their cybersecurity problems is their repeated business and growing working relationships we will develop as they trust our expertise and solutions.
Successfully defending and securing organizations computers and networks is the core of our business. This relies on our experienced consultants who can understand business needs, technological requirements, and threats and vulnerabilities of those technologies. Our consultants will be constantly learning new technologies, keeping up to date with threats and vulnerabilities, and well versed in best practices and regulatory frameworks. When we can fully implement knowledge-based solutions, we can be proud to defend our customers from cyber-attacks and accidents.
Our third point of success is creating relationships within the cybersecurity community to raise public knowledge of cybersecurity topics and our team members continued growth and maturation in the industry. BBCC wants to create a safer future for us all, and that means being involved in the cybersecurity industry and promoting cybersecurity to society at large. We hope to educate users in secure computing and protecting themselves and their computer resources from attacks or compromise. We hope to grow and mature our own consultants with mentorship, continuing education, and building their professional network.