Sign In

Small Business Cybersecurity Resilience in Maryland

PoweredbySBA.pngThe Maryland Department of Commerce was awarded Cybersecurity for Small Business Pilot Program funds from the U.S. Small Business Administration. The funds were used to create the Small business Cybersecurity Resilience in Maryland (SCRIM) program, which includes training and direct services for 40 small businesses to help them mitigate future cyber attacks through employee training and the installation of advanced hardware and software up to $10,000 per business. 


Program participants will benefit from the following services: 
  • Security scans of existing cybersecurity systems, performed by contracted service providers.
  • Complete cybersecurity hygiene training for all employees. Training includes: password creation, data backups, physical security, phishing scams, and incident response, as well as a more intensive curriculum designed for specific industries.
  • Selected employees, as identified by the security scan, will complete more extensive training regarding cybersecurity fundamentals, tailored to their level of knowledge. Additionally, these selected employees will complete industry-specific training regarding issues of particular concern to their business. 
  • Mitigation services contractors will supply and install the highest priority hardware and software, as identified on the security scan, up to $10,000 per business.


To provide the maximum benefit to program participants, we will use selection criteria to target small businesses demonstrating the most critical need for cybersecurity. Eligility requirements include: 
  • Companies with 50 employees or fewer.
  • In the following industries: Retail, restaurants, finance, healthcare, or manufacturing.
  • Stage of business: Require companies to have reached an operating stage with revenues from products or services; hence, pre-revenue businesses will not be eligible for this program. 
  • Businesses must be in operation for less than three years to be eligible for this program, per recent SBA guidance.
  • Knowledge level: The program will be a requirement that all employees of the business complete training on this essential topic, and they will also be required to demonstrate a basic level of knowledge by passing a test on the topic.


Applications are no longer being accepted at this time. Any updates to the program will be posted on this page.


Brandon Cannaday
Cybersecurity Program Manager
Maryland Department of Commerce


Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.