Cybersecurity Awareness Month 2023

OSBP is Raising Awareness and Supporting Small Business with Resources, Tools, and Training 

Cybersecurity Awareness Month was established twenty years ago by The President of the United States and U.S. Congress as a dedicated month for the public and private sectors to work together to raise awareness about the importance of cybersecurity.

In recognition of the 20th anniversary this year, the Cybersecurity Infrastructure and Security Agency (CISA) announced a new cybersecurity awareness program, Secure Our World. This new program is designed to make cybersecurity a discipline we incorporate each and every day to protect ourselves when online or using connected devices. The program promotes best practices and behavioral change, with a particular focus on how to protect yourself, your family and your business from online threats.

The Office of Small Business Programs (OSBP) is partnering in this nationwide effort to raise awareness about the importance of cybersecurity, especially for small businesses who are seeking opportunities with the U.S. Department of Defense. Each week throughout the month of October we will focus on a specific cybersecurity concern relevant to small businesses seeking federal contract opportunities. Be sure to follow us on social media and check this page frequently for updates.

Week 1: Basic ProtectionsBASIC PROTECTIONS
Our campaign kicks off with a focus on the four pillars of CISA’s Secure Our World program:

  • Using strong passwords and a password manager
  • Turning on multifactor authentication
  • Recognizing and reporting phishing
  • Updating software


Cybersecurity Support & Training Resources

Department of Defense Cybersecurity Maturity Model Certification (CMMC)

The Cybersecurity Maturity Model Certification (CMMC) is a program from the U.S. Department of Defense (DoD) that ensures contractors protect sensitive information. The program is designed to increase trust in compliance with National Institute of Standards and Technology (NIST) standards. 

The CMMC Program: 

  • Enforces the protection of sensitive unclassified information shared by the DoD with its contractors and subcontractors
  • Combines controls from NIST SP 800-171 and other sources
  • Streamlines requirements to three levels of cybersecurity
  • Applies to organizations supporting the DoD or higher education research institutions handling the following types of data:
    • Federal Contract Information (FCI)
    • Controlled Unclassified Information (CUI)
    • Covered Defense Information (CDI)

Get Help to Become CMMC Certified:

  • Project Spectrum is a cybersecurity education, awareness, and compliance resource from the DoD Office of Small Business Programs to provide the tools and training needed to increase cybersecurity awareness and maintain compliance in accordance with DoD contracting requirements.


Project Spectrum

  • Training Courses - Free of charge courses for small business to increase cyber knowledge and raise the overall level of cybersecurity hygiene. Registration required.
  • Cyber Readiness Check - If you are handling Controlled Unclassified Information (CUI) or Federal Contract Information (FCI) on your network or information systems, there are compliance standards you are required to meet. Taking one of our Cyber Readiness Checks will help you determine your current level of security based on NIST 800-171,Cybersecurity Maturity Model Certification (CMMC) Level 1 and CMMC Level 2 requirements. These readiness checks serve as a great first step in your cybersecurity journey. Registration required. 
  • Cyber Readiness Check Training - Our Cyber Readiness Training videos cover all NIST 800-171, CMMC Level 1 and CMMC Level 2 controls in a fun and engaging way. Prior to taking one of our Cyber Readiness Checks, please take some time to enjoy these videos and prepare yourself to conduct your self assessments. Registration required. 
  • Useful Tools - Independent, third-party assessment of various cybersecurity-related platforms prepared by our cyber advisors. These reviews are vendor-agnostic and should not be interpreted as an endorsement for any product or platform. Registration required. 


Cybersecurity Infrastructure and Security Agency (CISA) - Secure Our World Campaign


National Institute of Standards and Technology (NIST)


National Cybersecurity Alliance

The National Cybersecurity Alliance’s CyberSecure My Business™ is a national program helping small and medium-sized businesses (SMBs) learn to be safer and more secure online.

Organizational Resources

Cybersecurity Infrastructure and Security Agency (CISA) 

Resources and messaging for organizations to use when talking with their employees, customers, and memberships about staying safe online are available from CISA, the operational lead for federal cybersecurity and the national coordinator for critical infrastructure security and resilience. 

National Institute of Standards and Technology (NIST)

Each week NIST is publishing a blog about one of the key focus areas of the 2023 Cybersecurity Awareness Month campaign. NIST has partnered with other federal agencies to help raise awareness about cybersecurity and engage with public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident.

National Cybersecurity Center of Excellence (NCCoE)

We collaborate with the public to serve the public. Our mission is to solve organizations’ most pressing cybersecurity challenges. Explore our guidance, engage with our teams, and learn more about how you can get involved today.

National Cybersecurity Alliance

Digital resources about cybersecurity and staying safe online for home, work, school, or throughout your community. The Alliance is a non-profit organization on a mission to create a more secure, interconnected world and they do this by creating strong partnerships between governments and corporations to amplify their message and to foster a greater “digital” good.

Project Spectrum

Project Spectrum is a comprehensive, cost-effective platform that provides companies, institutions, and organizations with cybersecurity information, resources, tools, and training. Our mission is to improve cybersecurity readiness, resiliency, and compliance for small/medium-sized businesses and the federal manufacturing supply chain.

Cybersecurity Awareness Month Toolkits and Shareables


Cybersecurity Infrastructure and Security Agency (CISA) - Secure Our World Campaign Partner Resources and Toolkit

CISA and the National Cybersecurity Alliance (NCA) have partnered to create resources and messaging for organizations to use when they talk with their employees, customers and memberships about staying safe online. To learn more about the campaign, visit