Communal Cybersecurity Program
Accessing the expertise, funding, and training needed in a rapidly evolving threat landscape can be overwhelming for many of our communal organizations. It was recognition of these challenges which drove the addition of cybersecurity support as a service provided by CJP’s Communal Security Initiative.
CJP’s Communal Cybersecurity Program supports a thriving Jewish community by helping our partners understand and address ever-increasing cybersecurity threats. Many organizations, from synagogues to schools to social service agencies, can benefit from increased protection against ransomware, phishing attacks, viruses, and other online threats.
Our Communal Cybersecurity Program offers free online cybersecurity training for staff members and lay leadership, as well as access to a preferred set of cybertechnology vendors to perform cyber risk assessments and deliver other cybersecurity services at a manageable cost. This program addresses potential cybersecurity threats, facilitates access to services, and provides funding assistance to eligible organizations within CSI's Regional Catchment Areas.
Interested in learning more about cybersecurity training or cyber risk assessment for your organization?
Related Links
- CJP's Cybersecurity Risk Management Webinar 2024
- CJP's Cybersecurity and You Webinar 2021
- CJP's Cybersecurity and You 2021 slide deck
- SANS Institute Security Policy Templates
- SANS Institute Newsletters (NewsBites, @Risk, OUCH!)
- SANS Institute Security Awareness Work-from-Home Deployment Kit
- Cybersecurity & Infrastructure Security Agency (CISA) website
- CISA Resources
It All Starts with Education
Cybersecurity education plays a critical role when it comes to protecting financial resources and sensitive information. For this reason, CJP’s Communal Security Initiative is pleased to be able to provide free cybersecurity training for staff and lay leaders of partner organizations within our catchment area. Find out more about how to enroll.
CJP’s Road to Cybersecurity
Cybersecurity is an ongoing process — we are here to help you get started and guide your organization along the road to better cyber awareness and data security.
CJP’s cybersecurity program involves three major areas of progression: Assess, Address, and Expand. We understand that organizations may be in different stages along their way to increased cybersecurity, and our approach reflects this knowledge.
Step 1: ASSESS
Organizations with no formal cyber program or previous cyber efforts
- A cybersecurity risk assessment is often the best course of action
- Full funding available through CJP
- Estimated length of time to complete: 2–4 weeks
CJP's preferred vendor will perform a cybersecurity risk assessment, which involves a series of interviews with IT staff/key management personnel regarding the operational and control processes relating to cybersecurity. The cyber vendor then delivers a report showing areas of significant risk/gaps in your cybersecurity process.
Our preferred vendors understand that not every organization is in the same place with their cybersecurity, and that getting started can be a daunting task. Through the vendor’s expertise and CJP’s guidance, your organization will achieve a better understanding of your current cyber risks and have a prioritized plan to address those risks to bolster your organization’s overall cyber posture.
Step 2: ADDRESS
Organizations who have identified areas of risk and may have some formal processes
- Specific plans and projects to address areas of risk
- Estimated length of time to complete: several months
Once an organization has gone through a cybersecurity assessment giving them a full understanding of their risks and areas of concern, this second stage entails addressing the risks outlined in the assessment report in a prioritized manner. This can include the formalization of policies, operational controls, incident response plans, and technology upgrades — all aimed at reducing risk and increasing cyber maturity.
Step 3: EXPAND
Organizations who have addressed their most immediate risks and are ready to expand their cyber resilience through added technology, cyber services, or automation
- Major cyber technology and automation projects
- Estimated length of time to complete: months to years
As an organization addresses the risks outlined in their assessment, they will see opportunities to further expand and automate their cybersecurity processes. In this third stage, organizations are guided towards becoming more self-sufficient in maintaining their cybersecurity processes and implementing more advanced technology and automation than currently exists within their operations.