Sunday, January 31, 2016

Don’t Let the Cybersecurity Blues Get You Down …Some Practical Tips That Can Really Add Up



This month’s blog post is an excerpt from our WIT Cyber & Tech SIG friend Beth Musumeci, Vice President of Cybersecurity at ICF International.


“Don’t Let the Cybersecurity Blues Get You Down …Some Practical Tips That Can Really Add Up”

By Beth Musumeci

Day by day, and almost seemingly hour by hour, cybersecurity breaches are surfacing in the news, in the papers, in notices from our banks, retailers, manufacturers, and our government; no industry and no enterprise is being spared.

The fact is, the cybersecurity challenge is not insurmountable.  Yes, there exists highly sophisticated malware and threats that are difficult to detect, and cause undesirable outcomes.  However, in most cases, the breaches about which we are hearing weren’t caused by those types of sophisticated attacks.  More times than not, basic network defense methods could have prevented these breaches, or at least could have greatly minimized their impact.

Here are a few tips to help you defend your organization against some of the most common threats:

First, be sure you understand that just being compliant with regulation isn’t enough.  You must know what vulnerabilities exist in your environment and manage those vulnerabilities, regularly and diligently.  Perform vulnerability assessments continuously, or have a provider perform them for you. Check and correct for default passwords in your network and hardware configurations. Ensure you are correcting vulnerabilities timely, and don’t just assume the corrections were completed, verify they were. (It’s the device that you thought was off the network, but was never decommissioned; or the server that was patched, but never recycled so the patch could become effective; that make common threat-vectors, and sometimes the news).

Next, understand that cybercriminals will take the trouble to know your network as well as they can. So, you must know your network, and that includes to whom you allow it to connect. A common oversight, is actually a short-sighted definition of ‘your network’.  Expand your definition beyond your enterprise and employees; include third parties too. If you have suppliers, vendors, accountants, ‘you name it,’ connecting to your environment, make sure they are following your security policy and that should include ‘their’ suppliers, too.  Don’t just assume they are, assess and verify they are.  Ensure your agreements with third parties require proof, as well as your right to verify.

Make cybersecurity a company topic, not just the Chief Information Security Officer’s campaign.  Educate staff through awareness training, and even testing. Ensure your most senior leaders take part in creating the necessary awareness, as well as in supporting the solutions to minimize the risk.  Be the catalyst to kick the blues.  The more security aware your business, the more empowering technology will be to your business.

All these measures lead us to the need to, embrace new technologies, because saying “no” will not stop them from being introduced into your environment, it just means you will be ill-prepared for the threats introduced when they find their way in – because they will.  That doesn’t mean adopt new technologies immediately, perform an assessment, and then develop a plan and policy to minimize the risks to your enterprise.  Keep your security strategy current and make sure it includes practical defense mechanisms for the technologies of today, as well as those of tomorrow.

Most important, don’t give up. The problem isn’t as overwhelming as it may seem.  Make sure you have a basic defense program in place, as well as an incident response plan should the unfortunate occur.  Use experts when needed to augment or test your program; it doesn’t have to be elaborate or expensive to prevent most problems.  Remember – cybercriminals aren't “super-human.”  They reuse old malware because they know many enterprises don't take the trouble to put in place basic cybersecurity programs.  Implementing those programs isn't always hard.  Identifying a trusted cybersecurity partner to help you put in place a basic program – and doing so pro-actively, can save valuable time when you might need it the most, because the best defense is prevention, preparedness and effective response.

Beth Musumeci is Senior Vice President, Cybersecurity at ICF International

Monday, January 18, 2016

This month’s blog post is an excerpt from our WIT friend Jane Maliszewski from Vault Associates and focuses on emotional intelligence. This is a nice lead to our event coming up on January 21st - Getting What You Want: Negotiation Skills for Women. Please see Jane’s bio after the blog post.
 
Want to be a better Negotiator? Improve your EQ!
Tuesday, January 5, 2017
 
Does the word “Negotiation” put a knot in your stomach? 
 
Turns out 39% of professionals in the U.S. feel uncomfortable with negotiations, according to a 2012 LinkedInSurvey of global professionals
 
Are you one of those who would consider a visit to the dentist more enjoyable than negotiating for something you really want?  [No offense to the valuable work of dentists, but a recent DeltaDental survey indicated 48% of parents express anxiety about going to the dentist.]
 
The definition of Negotiation is tame: a “mutual discussion and arrangement of the terms of a transaction or agreement” Sounds easy and unthreatening, right? 
 
Negotiation is something we engage in every day. From convincing your mountain-loving spouse to buy-in to your beach villa dream for this year’s vacation… to buying a new car… to adding someone with special skills to your project team… to convincing a new employer of the value of your expertise… to brokering a multi-million dollar merger with a rival company.  
 
Your negotiation savvy can be enhanced with good Emotional Intelligence. Here are 5 EQ competencies to polish up that will improve your negotiation presence: 
  1. Empathy, the ability to deeply listen and understand where another is coming from, whether you agree with them or not. Knowing the other’s perspective can help you determine what looks like a win-win from their side. 
  2. Emotional Self-Awareness/Expression, the ability to be acutely aware of your feelings about the issue at hand, the parties involved, and the outcome, and how displays of emotion can be perceived in a positive or negative light. Displays of anxiety, for example, can weaken your bargaining position or tempt you to close the conversation too early. Just as important, the presence of mind to identify the emotional triggers around the issue that may arise for you and being prepared to recognize and deal with them.
  3. Assertiveness, the ability to effectively express feelings & beliefs, and stand up for your personal rights even when faced with opposition. Believing that your side/point of view/needs matters and effectively presenting your case. This is not aggression or bullying which only serves to alienate the other party and stir up a defensive reaction, making it harder to develop a solution all will agree to. 
  4. Flexibility, the ability to be agile, tolerant, and react to change. Negotiation by its nature, is meant to be a give and take. Those with flexibility and adept at assessing and responding to the shifting feedback they get from their environment. If you approach negotiation with no wiggle room it is likely you will not get an outcome you can live with. 
  5. Reality Testing, the ability to see things objectively, rather than how we fear or wish them to be.Those with a high reality testing competence are skilled at assessing the environment with an objective lens, keeping their focus on the main issue, and recognizing that all parties view a situation with their own perspective, colored by their experiences and prejudices. Reality testing in negotiation helps balance the ‘head swirl’ of negative emotions which seed doubt and anxiety against the ‘rose-colored glasses’ naiveté that everyone sees things our way.
Harvard Business Review devoted the “spotlight” in the December 2015 issue to the ‘softer side of negotiation,’ including this article on Emotion and theArt of Negotiation. Well worth a read!
Finally, if you are in the DC Metro area, join us on Jan 21st, 2016 when Leslie Mulligan, negotiation consultant at WatershedAssociates, presents a special workshop on Getting What You Want: Negotiation Skills for Women for the Women in Technology  professional organization of the DC Metro area. For more info and to register: http://bit.ly/1mvWYn2
 

Jane Maliszewski is an Executive Coach and founder of VAULT Associates, a consulting business providing leader development and organization effectiveness services to technology companies. She often works with leaders who want to develop Emotional and Social Intelligence competency to create positive changes in their professional and personal lives. Jane served 27 years as an officer in the US Army. She has Masters degrees in Business Administration and National Strategy, and advanced professional certification in Leadership Coaching, Organization Development, and Knowledge Management. Jane is a WIT Board member and Chair of the WIT Programs Committee. Favorite things -- besides helping people achieve their potential! -- are cooking and adventure travel.

Sunday, January 10, 2016

5 Money Hacks for the New Year

As we kick off a new year, this month’s blog posting is an excerpt from the December 20, 2015 Working Mother by Teri Cettina, Working Mother contributing writer. You can find her bio at the end of the posting.

5 Money Hacks for the New Year

These are uncomplicated and essential for keeping an eye on your finances.

Want to get smarter about managing your money this coming year? It doesn’t have to be an overwhelming project, says financial coach and mom-to-be Kelsa Dickey, owner of Arizona-based Fiscal Fitness Phoenix. In fact, these are super-simple strategies for getting into better financial shape in 2016.

1. Review those January paychecks. If your salary is automatically deposited into your bank account, it’s easy to forget that this month’s checks could be slightly different amounts. Did you opt for different health insurance coverage? Change your 401k deductions? Who remembers? Those were way back during your open enrollment period. “Particularly if you’ve made any big changes, review your new deposit amounts and update your monthly budget if necessary,” advises Dickey. It’s a simple thing—but not doing it could mess with your bank balance and cause you to overdraft.

2. Let your calendar save you cash. How can something as basic as your schedule help improve your finances? Easy, says Dickey: “My clients who are disorganized spend a lot more money. They pay for missed doctor appointments and late childcare pickup, they eat out a lot because they forgot to pick up groceries, and more.” Whether you use a paper or digital calendar, commit to using it regularly starting January 1. Coordinate schedules with your partner too (Google Calendar makes it easy). Review your kids’ school/daycare calendar along with your and your partner’s work and personal calendars, and enter important 2016 events into your schedule ASAP.
If you use your calendar on your phone, make sure key reminders and appointments are set as pop-up alerts with sound or text. If you constantly run late, set reminders further ahead (30 minutes instead of 10) to give yourself time to disengage from whatever you’re working on and get out the door in time.

3. Use your FSA money now. Got a stack of healthcare and childcare receipts you haven’t yet submitted to your Flexible Spending Account (FSA) provider? Bite the bullet and round them up and submit in January. You probably have a few more months (your employer sets the date) to submit 2015 receipts, but the longer you wait, the more likely you are to forget an expense. If you have a chunk of money left, think: eyeglasses—and go today or tomorrow. Use it or lose it!

4. Embrace library e-book downloads. If you’re a big reader—as many professional women are—you probably drop a good amount of cash on books (both paper and digital). An easy way to save money in 2016: Commit to downloading digital books from the library instead of always buying them. “You can easily go back and buy the book if it’s really great—but often you’re only going to read it once,” says Dickey. Also, if you tend to rack up library fines for late returns, library e-books should be your new best friend. When your borrowing time is up—poof!—the book automatically removes itself from your digital device, so you never pay a late fee. Pretty slick.

5. C’mon, get app-y. “I’m still amazed at how many professional moms haven’t embraced money-saving apps they can use on their smartphone,” says Dickey. Some of her favorites:
  • GasBuddy Compare the price of gas at multiple nearby stations—including warehouse clubs like Costco—so you know whether to fill up near home or somewhere closer to work.
  • Key Ring Add everything from store loyalty cards to your barcode-scannable library card or gym ID card access to this app. You’ll never be without your important cards, and you’ll instantly slim down your wallet. If you have an Apple device, also consider the built-in Wallet app.
  • Mint.com If you don’t use a full-blown budget program, Mint does a great job of tracking and categorizing your expenses, notes Dickey. You can also use its bill-alert system so you don’t overlook a bill and end up paying late fees and extra interest.
  • Your Bank/Credit Union App Mobile deposit is Dickey’s favorite banking feature. Snap a photo of the front and back of your check and submit it electronically. No need to drive to the bank! 

Teri Cettina is a Working Mother contributing writer who specializes in parenting/family, money and business. She also writes for Real Simple, Reader’s Digest, Parents, Women’s Day and more. Teri lives in Portland, OR, with her husband and two daughters. Follow her at @TeriCettina or on LinkedIn, or visit her website Cettinaworks.com.