Protecting Your Business From a Cyberattack

Most companies use computers to manage at least some part of their business operation so ensuring that data remains safe is a priority. Data breaches that expose sensitive, confidential, or proprietary information can be costly…and not just in terms of the immediate monetary impact on productivity and sales revenues. Additional damage to intangible assets like reputation and customer goodwill can also be substantial.

CIRAS is partnering with four Iowa cybersecurity firms for a timely, in-person presentation on protecting companies from a cyberattack. The workshop, “Secure Your Business,” will be held Friday, March 25, from 9 a.m. to 2:30 p.m. at the Gateway Hotel and Conference Center in Ames. A range of topics will be covered including security practices for small- to medium-sized businesses, a group that is especially vulnerable due, in part, to an overconfidence about their place in the growing cybersecurity threat.

“A common misconception is ‘I’m too small to attract hackers,’” said Shankar Srinivasan, CIRAS project manager and event organizer. “In reality, smaller companies are attractive to hackers because they tend to have weaker online security.”

According to data, added Srinivasan, 10 percent of small businesses affected by a cyber-incident never recover and end up closing their doors.

“Cybersecurity is a critical component of every company’s journey towards digitization and achieving Industry 4.0/profitability,” added Srinivasan. “It can mitigate your risk of an attack and ensure business continuity and stability. In addition, as your customers digitally transform to advance their business, they prefer to work with vendors who can safeguard their information. A business with cybersecurity measures in place could become a preferred supplier leading to new contracts, opportunities, and growth.”

The workshop will include sessions on supply chain cybersecurity, how to respond to a cyber-incident, and how to secure your IoT. In addition, a session covering updated information on the Cybersecurity Maturity Model Certification 2.0 (CMMC) framework will offer insights for current and prospective defense contractors and subcontractors. All suppliers in the defense industrial base will eventually be required to obtain CMMC certification and prove that they have the necessary practices in place to protect sensitive information.

“The original CMMC framework is being simplified to reduce implementation costs and ease the compliance burden on government contractors,” said Jodi Essex, government contracting director with the CIRAS Procurement Technical Assistance Center (PTAC). She added that full implementation could be in effect by 2024.

For more information related to government contracting, contact Jodi Essex at or 515-509-0769.

For more information related to the workshop, contact Shankar Srinivasan at or 515-290-6702)

Event registration is available online at: