Community Cyber Security Support

[IMPACT] Please describe your proposed solution.

Cyber/Information Security is an ongoing fight against the bad actors (scammers, malicious activity) and building awareness among users and teams.

I have always been a proponent of taking information and making it easy to find and understand. Often times, information is spread out far and wide. In addition, it is typically not designed for both non-technical, and technical minded folks to both understand.

I want to provide several services to help improve this problem:

• Site for knowledge sharing
• Meetings to review Cyber Security Topics and Reviews for Teams
• Meetings to train individuals, and to review questions from individuals

[IMPACT] Please describe how your proposed solution will address the Challenge that you have submitted it in.

My proposed solution will address the challenge in the following ways:

• Build awareness among daily users, reducing the overall success of bad actors and scammers, and improving safety for the community and users.
• Build security and confidence of teams building new applications in the ecosystem.
• Improve knowledge among everyone, effectively creating the footprint of knowing how to protect oneself and sharing that knowledge broadly.
• Create a place for individuals and teams to learn and educate on social engineering, phishing, intrusions, and many more types of attacks, to include current and most common threats.

[IMPACT] What are the main risks that could prevent you from delivering the project successfully and please explain how you will mitigate each risk?

Potential Risks:

• I prefer to call these awareness items for this effort, in which I need to stay alert of.
• Providing knowledge to individuals and teams in such a way that it is easy to understand and take action on.
• Staying up to date and aware of new and emerging attacks myself.
• Dev/website design and building

[FEASIBILITY] Please provide a detailed plan, including timeline and key milestones for delivering your proposal.

Outlined Plan:

• Q3 2022:
• Schedule 3 meetings per week (Mon, Wed, Fri) (one hour each) for individual sessions. These sessions can be used for anything the user prefers but related to protecting themselves and growing their knowledge in this area.
• Schedule 2 meetings per week (Tue, Thurs) (one hour each) for team sessions. Thes sessions can be used for anything the team prefers to include the same topics covered in individual sessions above, as well as security architecture reviews (not audits).
• Twitter space once per week, or other social avenues for broad community sharing, vs the specific individual or specific team.
• All of 2022 and continued into 2023 (life of the project)
• 10 hours per week
• Q3-Q4 2022:
• Build initial website. Sections contained:
• Knowledge Center
• Individual Form and Team Form
• Community Ideas and Community Articles. As well as advisor and expert article section (All Security related)
• Q4 2023/Q1 2024:
• Release a community survey on feedback and additional ideas
• Continuously evaluate and determine if the schedule needs to be improved.

[FEASIBILITY] Please provide a detailed budget breakdown.

Budget:

• 100k - Proposer income. The goal here is to user catalyst funding to provide cost-free services to the community around Cyber Security, on a timeline of one year. This project will continue, but the funding is specific to the one-year timeline
• 20k - expenses for website development and related costs, as well as unexpected expenses for new features

[FEASIBILITY] Please provide details of the people who will work on the project.

People that will work on the project:

• I will be the only member on this project
• I will hire at a web developer to help build out the initial website
• As the project develops in the future, there will be considerations of hiring other potential experts, or devs. That is future-state.

[FEASIBILITY] If you are funded, will you return to Catalyst in a later round for further funding? Please explain why / why not.

I do not know for sure, if I will return to Catalyst. Currently my desire is to help our community and not charge any individual or team for that help. Therefore, Catalyst will at least be a consideration.

[FEASIBILITY] Are you or any member of your team working on any other proposals in this Fund9?

[FEASIBILITY] Are you or your team working on any other proposals from previous Funds?

[AUDITABILITY] Please describe what you will measure to track your project's progress, and how will you measure these?

Metrics and KPIs to track the project's progress:

• The total of meetings scheduled and completed each week
• Per individual, per team, per community-wide
• Website launch
• Website usage tracking as well

[AUDITABILITY] What does success for this project look like?

Success Criteria:

• Defined criteria:
• First quarter:
• 75% of meetings scheduled and completed
• New information topic posted by myself once per bi-weekly
• Second quarter and beyond:
• 100% of meetings scheduled and completed
• New information topic posted by myself once per week
• New information topic posted by community member or expert once per week
• Arbitrary - undefinable criteria:
• Reduced footprint of successful malicious acts, social engineering, scam attempts

[AUDITABILITY] Please provide information on whether this proposal is a continuation of a previously funded project in Catalyst or an entirely new one.

This is an entirely new proposal and is not a continuation of any previously funded project.