Specifications include, but are not limited to: Dakota State University recently received an award from the U.S. Small Business Administration to help small businesses with cybersecurity. One aspect of the program is phishing assessments, which includes security awareness. Phishing is the most common attack performed by cybercriminals, and if criminals are successful, they can comprise and cause financial and reputational harm for a small business. We are seeking a vendor to operate a phishing program for various small businesses in South Dakota. The ideal partner has an existing KnowBe4 license, or something similar, and can setup and manage different programs for small businesses in South Dakota. Phishing assessment and security awareness training capabilities. The vendor will provide examples or descriptions of preview work for similar institutions and organizations. This section should include the vendor’s proposed process for providing phishing assessment and security awareness to small businesses in South Dakota. Small businesses are defined as having less than 500 employees. The proposal should include the support needed to enroll, manage, support, and report security awareness campaigns through phishing programs for different small businesses in South Dakota. The program will start in November of 2022 and continue through August of 2023. It is expected that each enrolled entity will be an active participant in the phishing awareness and security awareness campaign at least monthly during program period. Submit measurable goals and results: The vendor shall submit an annual evaluation of overall campaign progress and effectiveness. Reports will include the number of small businesses enrolled, campaign activity, and progress on effectiveness.