See a condensed version of this article as it ran in The Hartford Courant. I also was interviewed on WFSB Channel 3’s Face the State about this topic in September 2020. When a city or company is hacked, its leaders usually don’t face the press. They hide behind a statement and news of the attack gradually emerges over days or weeks. They don’t want to field questions about what they would have, could have, should have done. Earlier in September 2020 when Hartford Public Schools canceled the first day of classes while the city recovered from a cyber attack, the mayor, school superintendent, police chief and head of IT for the city held a joint press conference. They confidently explained the situation and the city’s response. To those of us in the cybersecurity field, it was clear that the city had invested time and financial resources and was ready for this attack and that its leaders were following a response plan. It was very different from the scrambling we’re used to seeing, especially on the municipal level.
A version of the following article ran in the August 10 edition of the Hartford Business Journal under the headline "What part of your pandemic business should you keep?" As your organization scrambled to adjust to COVID-19, you may have implemented temporary solutions that could continue to be of value to the business going forward. With restrictions lifting, companies can pause to identify any positives that came out of this experience that may lower expenses or boost revenues on a long-term basis. In doing so, it’s also important to assess if your business may have gotten by with technology practices in the short term that could pose cybersecurity risks if left in place permanently.
Start improving your cybersecurity posture now with this ebook, free when you subscribe to our blog.
Last fall, I had the amazing experience of being interviewed by Chion Wolf—a familiar voice and personality to anyone who listens to WNPR—for the Connecticut Voice Podcast. The podcast highlights LGBT individuals from different areas of expertise across Connecticut and I was honored to be included. Our conversation touched on everything from coming out to helicopters, to cybersecurity—including my favorite interview question I’ve ever been asked comparing working in IT to being a pilot. Pride Month seemed like a good time to share some highlights from this interview, so below are two moments that stood out to me as well as the full audio recording.
As businesses continue to struggle with the economic fallout of COVID-19, many leaders are looking for ways to reduce costs, including technology. When implemented strategically, technology is a business enabler—an investment, not an expense. However, it’s always good to eliminate inefficiencies or redundancies in the IT department whenever possible. I recently had the chance to contribute to a TechRepublic article called “CIOs: 8 ways to trim IT budgets”. My tip, which focuses on telecom costs, is number 6. Below is more detail on how companies can potentially find savings in the IT budget.
Video chat meetings are now part of daily operations for so many businesses. When the coronavirus quarantine period started, video conferencing was a bit of a fun novelty. Colleagues who had never tried Zoom were now using it multiple times a day. Sadly, it didn’t take hackers long to realize they could exploit the popularity of video chat platforms to commit cybercrimes. Zoom in particular has experienced so many security issues that many organizations, including school districts in NYC, have banned it. While there are certainly more secure platforms, I use Zoom every day. Since the COVID-19 pandemic began, Kelser has advised our clients on how to use Zoom and set it up for them. Recently, I was a guest on FOX 61 Morning News to discuss cybersecurity best practices for Zoom.
It seems like overnight most of us joined the remote workforce. Even for companies that already have the infrastructure in place to handle a situation like this, it has made for the ultimate stress test. For other businesses, it’s been a wake-up call as many now find themselves building the proverbial boat as they’re floating down the river. As we continue into the new temporary reality of long-term remote work and social distancing, I’ve been thinking a lot about the security considerations of working from home versus working in the office.
Simply having or transmitting data is a risk. It’s often a necessary risk—companies have to store and share data constantly in order to do business—but it’s important to remember that if something is deleted or isn’t shared, it’s much less likely to fall into the wrong hands. This is something we talk about with our cybersecurity clients throughout Connecticut on a regular basis. Part of our process is to take stock of who they are sharing data with and why. If there’s not a reason to be sharing a particular type of data with a particular party, then not sharing it cuts down on risk of it being breached at some point. If data isn’t in use anymore, deleting it eliminates something a hacker could get a hold of.
Joining forces with an IT managed services provider (MSP) gives you the benefits of having a full-time IT staff, without the full-time expenses that go with them. MSPs can enrich even small and medium-size businesses with a wealth of IT knowledge and experience that wouldn’t be available at the same price point with in-house employees.