San Diego Business Journal
The city government of Carlsbad is offering a new and timely service to small businesses within its city limits: a program that will help businesses brush up on their cyber hygiene.


Lisa Easterly, President and CEO, San Diego Cyber Center of Excellence

The goal is to support companies in the age of ransomware and data breaches.
Under a $34,500 contract with the San Diego Cyber Center of Excellence, up to 250 Carlsbad companies will receive evaluations of how cyber-secure their computer infrastructure is. On top of that, business leaders will get to enroll in a training program, aimed at making them more aware of the pitfalls that can come with navigating the internet.
A third component of the program is a briefing by the local office of the FBI on the cybersecurity landscape. It includes information on who the hackers are and why they do what they do.
The announcement comes in the wake of some high-profile cyberattacks and breaches. In early May, it came to light that hackers had broken into the computer system of Colonial Pipeline Co., which transports fuel over thousands of miles from Houston to major cities on the East Coast of the United States. The operators shut down the pipeline, which created shortages. The hackers demanded a ransom of several million dollars in cryptocurrency, which Colonial paid, according to reports. The payment caused controversy.


Matt Sanford, Economic Development Manager, City of Carlsbad

Several media outlets reported that hackers were able to gain access to Colonial’s computer system by stealing a single password.

A Double Disadvantage
Matt Sanford, economic development manager for the city of Carlsbad, said the city wanted to spare its businesses from a potential double economic impact: that of the COVID-19 pandemic and a cyber intrusion.
The San Diego Cyber Center of Excellence, for its part, is “excited to partner with the City of Carlsbad” on a small business cybersecurity-awareness program that offers complementary services from RiskRecon — part of Mastercard — and ESET North America, said Lisa Easterly, president and CEO of the Cyber Center of Excellence. “We believe that a more cyber-aware business community creates regional resiliency and a more prosperous local economy, which benefits us all.”
“A more resilient business community is a better business community,” said Carlsbad’s Sanford.
Businesses can apply for the program by going to
The program is open to small businesses — that is, businesses with fewer than 100 employees — in the city of Carlsbad.
Registration for the first cohort of companies to go through the program closes on June 15. However, the city plans to offer the training again with one or more subsequent cohorts. The pilot program will run through May 2022.

Listening to the Experts
Easterly noted that many cybersecurity mishaps are a result of human error. The Carlsbad program aims to help small businesses mount a better defense against bad actors in cyberspace.
As part of the program, RiskRecon will evaluate a small business’ cyber infrastructure and generate a “cyber score” for the business. The number is similar to a credit score, showing how well prepared, or ill prepared, a company is to resist a cyber intrusion. RiskRecon can calculate its score while staying completely outside the company’s computer network.
ESET North America, a San Diego firm that offers antivirus software, will offer cyber awareness training to companies participating in the program.
Several other government agencies, both in San Diego County and farther afield, have taken an interest in the Carlsbad program and have been in contact with his office, Sanford said.
Easterly said that Mastercard is interested in publishing a case study on the pilot as part of its international City Possible campaign.