Communal Cybersecurity Program

CJP’s Communal Cybersecurity Program supports a thriving Jewish community by helping our partners understand and address ever-increasing cybersecurity threats. Many organizations, from synagogues to schools to social service agencies, can benefit from increased protection against ransomware, phishing attacks, viruses, and other online threats.  

Accessing the expertise, funding, and training needed in a rapidly evolving threat landscape can be overwhelming for many of our communal organizations.  That is why we created our Communal Cybersecurity Program – a new effort that combines the expertise of CJP’s IT Department and our Communal Security Initiative (CSI).  

Our Communal Cybersecurity Program offers free online cybersecurity training for staff members and security and technology policy templates, as well as access to a preferred set of cyber technology vendors to perform cyber risk assessments and deliver other cybersecurity services at a manageable cost. This program addresses potential cybersecurity threats, facilitates access to services, and provides funding assistance to eligible organizations within CSI's Regional Catchment Areas​. 

It All Starts with Education

Cybersecurity education plays a critical role when it comes to protecting financial resources and sensitive information. For this reason, the CJP Communal Security Initiative is pleased to be able to provide free cybersecurity training for staff and lay leaders of partner organizations within the catchment area. For more information on how to enroll please email us.

CJP’s Road to Cybersecurity

Cybersecurity is an ongoing process – and we are here to help you get started and guide your organization along the road to better cyber awareness and data security. 

CJP’s cybersecurity program involves three major areas of progression: Assess, Address, and Expand.  We understand that organizations may be in different stages along their way to increased cybersecurity.

CJP’s Communal Cybersecurity Program is pleased to offer guidance at every stage of your organization’s journey to cyber maturity.

Step 1: ASSESS

Organizations with no formal cyber program or previous cyber efforts

  • A cybersecurity risk assessment is often the best course of action
  • Full funding available through CJP
  • Estimated length of time to complete: 2-4 weeks

CJP's preferred vendor will perform a cybersecurity risk assessment, which involves a series of interviews with IT staff/key management personnel regarding the operational and control processes relating to cybersecurity. The cyber vendor then delivers a report showing areas of significant risk/gaps in your cybersecurity process

Our preferred vendors understand that not every organization is in the same place with their cybersecurity, and that getting started can be a daunting task. Through the vendor’s expertise and CJP’s guidance, your organization will achieve a better understanding of your current cyber risks and have a prioritized plan to address those risks to bolster your organization’s overall cyber posture.


Organizations who have identified areas of risk and may have some formal processes

  • Specific plans and projects to address areas of risk
  • Partial, needs-based funding available through CJP
  • Estimated length of time to complete: several months

Once an organization has gone through a cybersecurity assessment giving them a full understanding of their risks and areas of concern, this second stage entails addressing the risks outlined in the assessment report in a prioritized manner. This can include the formalization of policies, operational controls, incident response plans, and technology upgrades – all aimed at reducing risk and increasing cyber maturity.

Step 3: EXPAND

Organizations who have addressed their most immediate risks and are ready to expand their cyber resilience through added technology, cyber services, or automation

  • Major cyber technology and automation projects
  • Partial, needs-based funding available through CJP
  • Estimated length of time to complete: months to years

As an organization addresses the risks outlined in their assessment, they will see opportunities to further expand and automate their cybersecurity process. In this third stage, organizations are guided towards becoming more self-sufficient in maintaining their cybersecurity processes and implementing more advanced technology and automation than currently exist within their operation.