| NSF Org: |
DUE Division Of Undergraduate Education |
| Recipient: |
|
| Initial Amendment Date: | March 20, 2018 |
| Latest Amendment Date: | July 29, 2021 |
| Award Number: | 1800996 |
| Award Instrument: | Standard Grant |
| Program Manager: |
R. Corby Hovis
chovis@nsf.gov (703)292-4625 DUE Division Of Undergraduate Education EDU Directorate for STEM Education |
| Start Date: | March 15, 2018 |
| End Date: | February 28, 2022 (Estimated) |
| Total Intended Award Amount: | $224,983.00 |
| Total Awarded Amount to Date: | $224,983.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
26000 SE STARK ST GRESHAM OR US 97030-3300 (503)667-6422 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
Gresham OR US 97030-3300 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | Advanced Tech Education Prog |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.076 |
ABSTRACT
There are more than 28 million small businesses in the US, and while an individual business may not be concerned with cybersecurity, the data suggests that alarmingly few are adequately protecting data, including customer data like billing addresses and credit card numbers. Improving the cybersecurity environment for small businesses benefits businesses directly through costs savings that result when threats, and corresponding downtime are avoided, and earnings realized with uninterrupted business operations. The public benefits more broadly since it is most often their data, and their bank accounts, that are compromised when a system is hacked or breached. To address these challenges, this project at Mt Hood Community College (MHCC) in Oregon is designed to advance efforts to support the statewide small business cybersecurity environment through Cooperative Local Internships as a Novel Innovation in Cybersecurity (CLINIC). CLINIC will create the infrastructure for ongoing efforts at the college to produce highly qualified technicians in response to local and regional workforce demands, and further support work in the field by creating a cybersecurity toolbox geared towards the needs of small businesses. The CLINIC project aims to begin the process to answer the following long-term research question: How, and in what ways, does providing the small business community with access to a better trained cybersecurity workforce, in conjunction with cybersecurity resources, impact the small business cybersecurity environment? Within the scope of this capacity building project, the Co-PIs will examine two smaller sub-questions: (1) How, and in what ways, does the CLINIC internship model improve alignment between the cybersecurity program and workforce demand? and (2) Does providing support and technical assistance to small businesses increase the efficacy of cybersecurity toolbox resources?
The CLINIC internship will provide students the opportunity to use the tools and resources, particularly a self-assessment tool, in a guided, real-life environment. The existing cybersecurity program offerings and career pathway will be refined to include a small business cybersecurity option, featuring stackable cybersecurity credentials for small business environments that double as both cybersecurity associate degree program requirements and stand-alone certifications. An expanded survey of Oregon small businesses will result in continued alignment of project and program components and allow feedback to inform project activities continually refined through the external evaluation process. This project will utilize the evidence-based approaches of career pathways and internships to contribute to, and underpin, a broader effort to transform the regional small business cybersecurity environment through a multi-pronged approach that increases technicians in the workforce, and connects the workforce with stackable small business cybersecurity certifications. The project will examine how and in what ways self-assessment tools are utilized by small businesses to prevent and respond to cybersecurity threats, how having access to these tools in combination with a cybersecurity literate workforce impacts the business environment with respect to cybersecurity, and how this project may be best replicated in other settings through an evaluation of the utility of the deliverables.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
The Cooperative Local Internships as a Novel Innovation in Cybersecurity (CLINIC) project, was a unique collaborative effort between the Cybersecurity programs and the Small Business Development Center (SBDC) at Mount Hood Community College. The goal of the project was to improve Oregon?s small business cybersecurity environment by improving cybersecurity skills in the workforce, including business owners, entrepreneurs, IT professionals, and program graduates, through the introduction of small business specific stackable cybersecurity credentials, coupled with small business specific resources/toolbox.
Students need and find value in, authentic work experiences. The CLINIC internship gave students that experience in a small business setting. By the end of the project, the internship program had been reconfigured to allow interns greater opportunities to collaborate with advisors and SBDC clients. Interns worked directly with SBDC advisors to create informational materials and how-to guides for small business owners on how to implement cybersecurity best practices into their small businesses. Interns led the design of cybersecurity self-assessments that allowed SBDC clients to better understand the cybersecurity weaknesses in their small businesses and inform the SBDC about specific areas that could improve cybersecurity education.
Over the course of the project 33 students participated as interns. It was discovered that a paid internship model was most effective and the College instituted a work-study mechanism to provide that funding. The Small Business Cybersecurity Toolbox was formalized with focus on the top 10 fundamentals of cybersecurity safety practices. These fundamentals are taught to small business through live virtual classes and one-on-one virtual meetings. Students participate in these classes and advising, and compose/create their own toolbox resources. These activities build student "soft skills" in written and verbal communications, project management, and interpersonal relationships. It was discovered this toolbox needed to be dynamic and adapt to the often quickly changing nature of the cybersecurity risks faced by small businesses.
An unanticipated impact occurred as students? interest in the project developed, not necessarily for the cybersecurity side but often more from the small business entrepreneurial side. Many interns expressed interest in starting their own business and were attracted to the internship position for that reason.
In this program students have benefitted from increased exposure to small business advising clients, and now better understand the application of their cybersecurity studies to solve problems in real businesses. Interns have applied their current technical knowledge and skills, and now also have a better understanding of how cybersecurity professionals can best serve small businesses. The important value and intellectual merit, is students obtaining real world skills and experience through the internship.
Last Modified: 04/07/2022
Modified by: Ibrahim Alhussain
Please report errors in award information by writing to: awardsearch@nsf.gov.
