Menu
Log in


Log in


Looking for more ways to connect?


Connect with
TECH NEWS to discover emerging trends, the latest IT news and events, and enjoy concrete examples of why Technology First is the best connected IT community in the region.

Subscribe to our newsletter


<< First  < Prev   1   2   3   4   5   ...   Next >  Last >> 
  • 02/27/2023 4:10 PM | Marla Halley (Administrator)

    Dayton, Ohio, and the wider Montgomery County has seen its share of tragedy during the opioid epidemic. Ohio has been one of the 10 worst-affected states in America, and the Dayton region has seen Ohio’s worst fatality rates from drug overdose[1]. While a hospital or emergency room can treat an acute incident for a patient with a substance use disorder (SUD), the longer fight against relapse is often waged by other organizations. The Community Outreach Actions Team (COAT) was specifically created in Montgomery County to address the grave opioid situation. The Public Health Quick Reaction Team (QRT) seeks to identify at-risk individuals and get them enrolled in treatment. The efforts of this community collaboration saw overdose deaths fall from 566 in 2017 to 289 in 2018, a decrease of 59%[2]

    The Montgomery County Emergency Room Overdose Notification (MC-ERON) system has enabled Dayton’s Alcohol, Drug Addiction and Mental Health board, and Public Health – Dayton and Montgomery County to provide outreach services to residents who experienced an emergency hospital visit due to a drug overdose, since 2018. MC-ERON generates a daily list of patient health and contact information that can be used to mobilize outreach efforts that would minimize the risk of further overdoses and deaths. However, MC-ERON did not prioritize, nor indicate, which patients are at a higher risk for additional overdoses or death. To overcome this limitation, the MC-ERON risk-stratification model is designed to estimate a patient’s risk score based on their demographic information, health history, and previous drug-related encounters with law enforcement and the health system, then assign a priority level to that patient based on the score. The risk score is then used to bin patients into four risk ‘priority levels’ which is provided to outreach personnel to contact the most at-risk patients. By comparing newly discharged overdose patients to those who previously died in-hospital, risk stratification scores can be calculated and included in the daily notifications to ADAMHS and PHDMC’s QRT.

    The MC-ERON Risk-Stratification model has been deployed to PHDMC peer outreach specialists since 2019, with high overall model performance (AUC in the range of 0.82 to 0.85). Since deployment, individuals who died during or after the overdose encounter were scored as "high-risk" or "high-priority". Those that died during their hospital visit would not have benefited from outreach after their overdose; however, these patients highlight that the scores reflect the level of risk. For the patients who died after the encounter, this data suggests they would have been accurately prioritized for outreach services.

    Despite these analytical successes, the MC-ERON Risk stratification algorithm represents a mismatch between problems faced by users and the ultimate solution. For peer outreach specialists, by the time the QRT is activated, the individual is already in crisis and at risk; therefore, the individual's precise "risk" is less valuable than the information provided along side the score. 

    The MC-ERON Risk-Stratification model was created before Ascend had a robust user focus. While the model and insights are valuable for PHDMC epidemiologists, the target users- the peer outreach specialists - find the most value in the contextual data features that accompany the actual predicted "risk score”. This mismatch between problem and solution has limited the impact of the Risk-Stratification model, and possibly limited the impact that machine learning could make on an urgent community problem. For example, peer outreach specialists are looking for ways to identify individuals that would most benefit from their intervention. For example, a model that could identify the likelihood of an individual to seek treatment, or identifying those individuals experiencing substance "abuse" vs "use" as those who are "using", rather than "abusing", may benefit from more sustained outreach to address addiction and chronic use.

    Not understanding the context of the problems faced by a user can lead to gaps and missed opportunities when creating a predictive model. Upfront discovery is key to understanding the business and user needs to build the right predictive model that addresses problems within the current systems. Always keeping the user's needs top of mind will deliver the highest value to the business and the end user of your analysis.

    [1] https://journals.stfm.org/familymedicine/2018/june/bowman-2018-0131

    [2] https://www.mcohio.org/2018%20Community%20Overdose%20Action%20Team%20(COAT)%20Annual%20Report.pdf

  • 02/27/2023 3:53 PM | Marla Halley (Administrator)

    • I’ve never been much for New Year’s resolutions. Instead, I like reviewing the previous year’s accomplishments, challenges, and outcomes. This year, I used an assessment wheel to evaluate different areas of my life:

      • Career
      • Fun and recreation
      • Money and finances
      • Physical environment
      • Personal growth
      • Health and wellness
      • Friends, family, and significant others
    • As I considered all the aspects of the wheel, specifically regarding career, it helped me think about my:

      • Skills
      • Talents
      • Work environment
      • Opportunities for growth
      • Current commitments  
    • All great things to think about! Which led me to pulling down a book from my shelf, How Women Rise,” by Sally Helgesen and Marshall Goldsmith. I read this book several years ago and absolutely LOVED it! The authors recognized women “face specific and often different roadblocks from men as they advance in the workplace”. So, as you look back on your 2022, and specifically your career, how are you feeling? Do you feel stuck?

      Helgesen and Goldsmith ask these questions:

      • Do you feel something is preventing you from moving forward or from leading the life you’re supposed to be living?
      • Do you feel unable to break through circumstances that are conspiring to hold you down?
      • Do you feel as if your contributions are not recognized or appreciated?
      • Do you feel the people around you have no idea what you’re capable of achieving?

    If you answered yes to most of these questions, then this book is for you! If, like me, you are wondering how to become unstuck, then reading this book will help you uncover the habits that hold you back from rising to your full career potential.

    For a more gender-neutral point of view, read What Got You Here, Won’t Get you There,” by Marshall Goldsmith with Mark Reiter. This book is a broader stroke on the question, “What is holding you back?”

    I hope you unearth the habits that no longer serve you. I believe leaving them behind will get you further down your path to success. Please connect with me and let me know how you got unstuck.

    You’ve got this! Together anything is possible!

  • 02/27/2023 3:43 PM | Marla Halley (Administrator)

    It has been my pleasure on behalf of the Strategic Ohio Council for Higher Education (SOCHE) to collaborate closely with Melissa Cutcher and Technology First for many years. Some of our earliest collaborations were through Cin-Day Cyber and Career Adventures Camp. As the President of SOCHE, my focus is on leading our organization in collaborating with K-12 districts, colleges, universities, and industry to transform the economy through education and employment. This mission focus has resulted in sitting in many meetings at tables with Technology First.

    SOCHE’s workforce development mission set has led us to many collaborative initiatives with Technology First and its many members.  This regular engagement between our organizations has led us to recognize the need for closer organizational alignment and I’m very excited that Technology First has asked me and SOCHE to the inner circle through their Board of Directors.  Our organizational missions at SOCHE and Technology First are very closely aligned and have led us to work on the same project on multiple occasions. 

    Through SOCHE’s work on Technology First’s Board of Directors, we hope to increase our work together and further align our work for the benefit of workforce development of information technology professionals across the region, while we work together to build upon our region’s existing economic development prowess. Close relationships through SOCHE’s 22 College and University members and Technology First’s members can only help our region become the premier location for professionals in IT as well as for businesses who are looking for a new home. 

    Our region has the workforce needed for the future with over 400K college and university students and close to 15K High School students. Our next generation of working Daytonians is already here in our region and it is our job to show them the pathway to great careers. We can make this happen through our engagement in our schools as well as by encouraging our students to spend time in our companies learning about our many different industries. Over the next few years as we manage decreasing numbers of students in each of our schools it is imperative for all businesses to engage and ensure that we are assisting all students to achieve their potential with at least a high school diploma and potentially a post-secondary certification or degree. I look forward to working with all of you to continue to make the Dayton region a great place to live, work and play!

  • 01/31/2023 11:41 AM | Marla Halley (Administrator)

    It’s no secret that finding and keeping talent in the Information Security space continues to be challenging for organizations. 

     We must continue to think differently about how we recruit and retain talent, what resources we utilize, and how we engage in the community.

    Why Developing your teams is critical to building a robust security program:

    • Demands from regulations and cyber insurance require training as part of your business plan
    • It helps prepare your team and gives opportunities for more responsibilities and promotion – advancement
    • It helps with testing efficiency and knowledge within the area of expertise
    • Improvement of security knowledge/skills
    • Cross-training teams – to avoid single points of failure

    Things for consideration in building a training program:

    • Blended Learning Programs – Meeting people where they are (not everyone learns the same way)
    • Funding Sources – Ohio TechCred as an example
    • Consider building out repeatable training programs that align with business needs

    Finding Talent:

    • Creating Apprenticeships programs with current teams from other areas of the business
    • Creating Security Champions
    • Attending local conferences to find talent
    • Working with High School STEAM Programs
    • Engage with local Special Interest Groups

    For the Ohio Information Security Conference, ReynCon will present “Building a Cybersecurity Culture: It’s Time to Think Differently About Training.” Join us at Sinclair Conference Center at 10:45 am on 03/01/23

  • 01/30/2023 2:16 PM | Marla Halley (Administrator)

    The United States' communication supply chain is a critical infrastructure that enables the country's economic and national security. However, it is also a vulnerable target for foreign adversaries looking to exploit weaknesses and gain access to sensitive information. In this article, we will discuss the importance of protecting the US communication supply chain and the steps that can be taken to do so.

    One of the biggest threats to the US communication supply chain is the potential for foreign adversaries to introduce malicious hardware or software into the system. This can be done through various methods, such as compromising manufacturing processes or infiltrating supply chains. Once in place, these malicious components can be used to steal sensitive data, disrupt communications, or even gain control of critical infrastructure.

    It is essential to take a multi-layered approach to Cybersecurity. Implementing network segmentation is one of the best ways to protect networks from foreign interference. This involves dividing a network into smaller segments, each with its own security controls. This makes it more difficult for attackers to access sensitive data and systems.

    Another way is to be sure you have a good inventory of your network. What's operating on your network? Remember the CIS Controls and the two most important controls. Know your hardware and know your software. You can't mount any defense or response if you don't see what you have. 

    TikTok, the popular social media app known for its short-form videos, has become a household name in recent years. While the app has been praised for its creativity and entertainment value, it has also raised concerns about its potential security risks. 

    Another threat of TikTok is the potential for foreign interference. The app is owned by Chinese company ByteDance, which has been accused of censoring content and spreading disinformation. This has led to concerns about the app's ability to influence public opinion and political campaigns. How do you mount a defense against TikTok?

    To protect the US communication supply chain, it is essential to implement strict security measures throughout the entire process, from the design and development phase to the final deployment. This includes conducting thorough background checks on suppliers and vendors and performing regular security assessments and penetration testing on all components of the system.

    Another critical step is to increase the use of secure communication technologies, such as end-to-end encryption and security protocols. This can help protect against eavesdropping and other forms of cyber espionage. It's also important to have incident response plans in place so that organizations can quickly respond to any security breaches or disruptions.

    The US government can also play a key role in protecting the communication supply chain by implementing regulations and standards for the industry. This includes setting guidelines for the design, development, and deployment of communication systems, as well as providing funding for research and development of secure technologies.

    In addition, it is important to have international collaboration and information sharing in order to address the global challenges of the communication supply chain. The US government can work with other countries and international organizations to share information about threats and best practices and to coordinate efforts to protect critical infrastructure.

    In conclusion, protecting the US communication supply chain is essential for ensuring the country's economic and national security. By implementing strict security measures, increasing the use of secure technologies, and working with the government and international partners, organizations can better defend against the threats of foreign adversaries and ensure the integrity of the communication supply chain.

    I'll be speaking at the Ohio Information Security Conference in March and will go into more detail on how to protect and respond to these and future threats.

    The Author: Shawn Waldman is the founder and CEO of Secure Cyber Defense in Moraine OH. Shawn has created one of the only local firms that 100% focuses on Cybersecurity and has built its own Security Operations Center. Shawn is a subject matter expert and thought leader on Cyber and speaks at conferences globally on the topic.

  • 11/28/2022 12:53 PM | Marla Halley (Administrator)


    Connect, Strengthen, Champion, and a Partridge in a Pear Tree

    We were torn between writing you an annual report or an end-of-the-year holiday newsletter. You know the type: That yearly three-page single spaced book full of family highlights that falls out of your best friend from high school’s glitter encrusted Christmas card.

    Instead, we chose to give you a Top 12 List of 2022 in Review. You’re welcome!

    January – We kicked off the year helping you get organized with a member-to-member benefit session with Organization Solutions. Our Peer Groups for Infrastructure/Cloud and Women for Technology began their new year’s programming together. We saw the birth of a workforce subcommittee in conjunction with Montgomery County Educational Service Center. We finished off the month hosting our annual CIO Forecast Panel.


    February –February’s main event was the annual Digital Mixer held at Wright State University. Over 140 students and employees connected to explore career possibilities. Women 4 Technology had a fascinating conversation around The Great Resignation.



    March – If it’s March, then it’s all about the Ohio Information Security Conference. Over 300 people  gathered at Sinclair Conference Center to share knowledge of the latest cybersecurity threats and strengthen their processes.


     


    April –Executive Director, Melissa Cutcher, represented Technology First at a workshop to teach web development at the Innovation Hub in the downtown Dayton Arcade building. We were back in person for a Tech Forum addressing staffing challenges & labor shortages in the IT community with Cassie Barlow, Doug McCollough, Chad Bridgman, and Matt Coatney.




    May – May saw the Peer Groups in full swing  championing data analytics and cybersecurity. We ventured down south to Mason for some Tech Thursday networking. Executive Director, Melissa Cutcher, participated in an OCEA panel discussion.





    June – Women 4 Technology squeezed over 25 participants into Warped Wing’s Springboro location for a Meaningful Networking session. Members enjoyed a Dayton Dragons’ game courtesy of our annual partners altafiber and ATC. Executive Director, Melissa Cutcher, represented Technology First at a two-day workforce development retreat with Montgomery County Educational Service Center.



    July – Given the success of the Springboro event, Women 4 Technology ventured down the road to Fretboard Brewing Company in Cincinnati to offer another Meaningful Networking session to our members.




    August – Peer Groups for IT Leaders, Infrastructure/Cloud, Cybersecurity, and Data Analytics all met to learn new or different approaches, validate thoughts, and expand on their existing practices. Technology First partnered with The Circuit for a fun night of IT networking in Hamilton at Municipal Brew Works.






    September – We enjoyed supporting some members participating in the COMSPARK conference. We also had a wonderful turnout at the annual Golf Outing benefitting the Technology First Scholarship Fund. You helped us raise almost $7000 to award qualified, regional college students!




    October – We are happy a few members of the Board of Directors were able to witness Executive Director, Melissa Cutcher, receive the Jeanne Porter Career Achievement Award from Women in Business Networking at their annual gala. Congratulations, Melissa, so well-deserved! We stopped by SOCHEs 55th Anniversary lunch to congratulate them. This month provided members the opportunity to volunteer at the Girl Scouts of Western Ohio’s Cyber Challenge. AND we celebrated Technology First’s 25th Anniversary! We were honored to receive a proclamation from the State of Ohio from Lt. Governor, Jon Husted.




    November – More volunteer opportunities this month through the Dayton Metro Library’s Career Adventure Days and The Girl Scouts of Western Ohio’s STEM Career Fair. And, of course, we gathered with 400+ IT professionals from all over the state for our 16th Annual Taste of IT conference at Sinclair Conference Center. We ended the day with the 9th Annual Leadership Awards where we recognized 11 categories of exceptional IT talent from the Dayton region.






    December – Since this month just started, here’s a preview instead of a review. We will close out 2022 with these Peer Group meetings: IT Leaders, Data Analytics, Cybersecurity, Infrastructure/Cloud, and Women 4 Technology. Please join us!

    Thank you for connecting, strengthening, and championing the best-connected IT community in the Dayton region!

    #UniteDaytonTech


  • 10/30/2022 4:22 PM | Marla Halley (Administrator)

    One of the biggest mistakes that data teams often make is jumping straight to developing a solution and not spending enough time with the people who will be using them and understanding their true goals.

    Sometimes these goals, and the challenges to reaching them, are easy to identify. This is usually true if a data scientist is already working in the problem space or is already integrated into the business processes.

    However, many data scientists operate as an outside consultant who is brought in to help drive strategic goals. This can lead to misunderstanding the problem and creating a solution that doesn’t live up to stakeholder expectations.

    Or worse — creating the wrong solution.

    A data team’s first instinct is often to begin with understanding the data. However, they first need to understand the people involved in the problem and who want a solution to it.

    We can have all the data in the world but if we do not know how users or stakeholders interact with it and understand it in their terms, we cannot possibly make a solution that is going to fully solve their problem.

    But you’re in luck! There is a framework you can use to help overcome this risk before even seeing any data. This framework is design thinking - a growing trend within data science long used in product development. Empathizing with your stakeholders is the first step to better understanding the problem they are trying to solve.

    A simple way to start gaining empathy is by conducting interviews with your stakeholders, leadership, and team leads. You’ll be surprised by what you will learn by spending an hour (or more) in one-on-one meetings.

    Importantly, you’ll learn how they are doing the work today. You’ll also begin to learn the language, jargon, and methods that these people use and where they see the gap. Ultimately, you want to gather their ideas on how they would want to use a solution if they had a magic wand to make everything better.

    You also want to understand how leadership is currently driving business goals and figure out how a solution could contribute to those outcomes. And if it doesn’t contribute to the business goals, is it something that the stakeholders really want or need?

    Data science is a collaborative effort between you and those using your solution. Success starts by fostering a deep interest in the people for whom these solutions are built.

     

    Ascend is a socially impactful technology company that provides data driven products and consulting services to help organizations solve complex community health problems.

    For Taste of IT, as part of the Developer/Data Analytics track, Ascend Innovations will be presenting 'Keeping Humans in the Loop: Human-Centered Design in Data Science and Analytics'. Join us in Room 122 at 3:40p.m.


  • 10/30/2022 4:06 PM | Marla Halley (Administrator)

    The ever-expanding digital footprint of modern organizations is causing business owners to rethink their security technology stack to address sophisticated new threats. To better manage cyber risk, businesses are evolving and reframing security practices in preparation for the changing cybersecurity landscape. Unfortunately, managing risk is getting more complex every day. Bad actors have adopted their own organizational structure complete with HR, recruiting, training, finance, operations, and development teams. And worse? They use the same tools that the IT community knows and loves.

    Some of the go-to-market strategies for cyber criminals involve outsourcing, brokering software, and forming partnerships with other vendors. The web of cyber connectivity that has been woven is extraordinary and has evolved into a professional ecosystem that allows them to attack with impunity. As a result, stronger risk management practices are needed now more than ever. The National Institute of Standards and Technology (NIST), indicates that 93 percent of intentional breaches in 2021 were financially motivated, with only six percent of reported incidents attributed to espionage.

    So how do organizations protect themselves against such an intricate ring of cybercrime on a global scale?

     

    The Cost of Cyberattacks on a Global Scale

    Globally, the average cost of a data breach increased by 10 percent in 2021, reaching $4.3 million, up from $3.8 million in 2020, according to a recent data breach report conducted by IBM and the Ponemon Institute. The U.S. has continually ranked at the top of the list for costs, increasing from $8.6 million in 2020 to $9 million in 2021. With the cost of breaches on the rise, it’s no surprise that spending on security technology is on the rise as well.

    Worldwide spending on information security and risk management technology and services is expected to skyrocket in the next few years. According to a Venturebeat cybersecurity forecast, Gartner predicts end-user spending for the information security and risk management market will grow from $172 billion in 2022 to $267 billion in 2026, attaining a compound annual growth rate (CAGR) of 11 percent. Many businesses are seeking outside aid and partnering with IT consulting firms and cybersecurity experts to help them gain a better understanding of the solutions and services landscape.

    Build a Defensible Cybersecurity Posture

    A sound security strategy provides unified and reliable protection of your assets from potential threats. Today, every business is vulnerable to attack, not just major global brands, and the consequences of being unprepared can be catastrophic. That’s why along with the constant changes in the cybersecurity landscape, there has to be a continuous change in mindset.

    The dialogue around security has evolved as shown below:

    1. Organizations ask, “What if we are targeted?”
    2. Organizations ask, “Are we ready for when they attack?”
    3. Organizations are now asking, “Assuming we’ve already been compromised and don’t know it yet, how can we beef up our cybersecurity posture?”

    As the digital footprint of organizations expands, centralized cybersecurity control becomes obsolete. If you’re not looking into encrypted network traffic, you won’t have security. This shift in mindset is the fundamental principle that drives the concept of zero trust.

    Zero Trust: What and Why You Need It to Protect Your Business

    Protecting the modern business requires a new approach to security, and many are turning to zero trust. A cloud-native zero-trust platform is built on a proxy-based architecture that sits between the user and the Internet to provide secure access with full SSL inspection at scale. The core concept of zero trust is simple: Assume everything is hostile and always verify. In a zero trust architecture, a resource’s network location isn’t the biggest factor in its security posture anymore. Your data, workflows, and services are protected by software-defined micro-segmentation, enabling you to keep them secure anywhere; in your data center or in distributed hybrid and multi-cloud environments.

    All data must be protected everywhere—on-premises, in the cloud, in SaaS applications, as it travels on the network, etc. To provide the best possible security, organizations should have all their different layers of defense working together while leveraging the cloud, so that when an issue in any layer is uncovered, the rest of the layers will be informed for total protection.

    The painful reality is that all organizations are under attack—whether opportunistic or targeted—and the cybersecurity landscape is continually changing while the attack surface increases and the perimeter dissolves. The new paradigm in security is simple: assume the bad guys are in the system and plan accordingly.

    The above submission is compliments of ATC’s Tech Advisor series. Advanced Technology Consulting (ATC) specializes in digital transformation in four core areas; voice, network, cloud, and cybersecurity. In 2023, ATC will be a Technology First annual partner for five years running. For Taste of IT, ATC will be presenting on “SASE, The Edge, and Zero Trust” and exhibiting in booth #11.


  • 09/28/2022 2:37 PM | Marla Halley (Administrator)


    You are probably aware that Technology First stands on three pillars: To Connect, Strengthen, and Champion our IT community. What you may wonder is how. 

    We Connect by offering our members numerous opportunities every month to network with peers and industry leaders.

    We Strengthen by transferring knowledge of industry trends and emerging technology through our two major conferences each year, ToIT and OISC and working in partnership with both IT consumers and IT providers every day.

    And one way we Champion our technology community is through our volunteer work.

    Last month, Technology First held our 9th annual Golf Outing. The event raises money for the Technology First Scholarship fund. These scholarships are awarded every year to one or more deserving regional college students. So far, we have helped students from Cedarville University, Central State University, Clark State University, Miami University Middletown, Sinclair Community College, University of Dayton, Wilberforce University, Wright State University, Ohio State University and Xavier University. To be selected, students must be currently majoring in Information Technology-related curriculums, achieved distinguished academic success, and demonstrated authentic character and values, among other rigorous criteria. Here is what winning one of the scholarships means to a recipient:

    “Thank you Technology First for your investment in my future as well as the futures of all the other students who received scholarships. The monies will be going directly to my tuition payments to help ease my student debt and make my studies a little lighter”.   ~ Caleb V.

    Thank you to everyone who participated in this year’s golf outing. See a few photos from the event at the end of this post. Your generosity raised nearly $7,000. This brings our total donations for the past nine years to over $100,000! We could not provide this resource without both your support and the support of our sponsors; Horizon, Independents Fiber Network and aunalytics.

    And that is not all Technology First does to help students discover their place in the IT industry. This month, we will host the Girl Scouts of Western Ohio (GSWO) for their annual Cyber Challenge. The purpose of the Challenge is to grow and shape the future of IT in the Dayton region by getting girls excited about careers in cybersecurity. The Cyber Challenge presents the girls with scenarios of cyber breaches. It is a unique event because the Challenge is designed by girls for girls.    

    Then in November, Technology First will participate in the Career Adventure Day event hosted by the Dayton Metro Library. Partnering with organizations including DRMA, CareSource, SOCHE, Dayton Children’s, and many others, we will promote IT career-path opportunities to middle school students using interactive, engaging, hands-on activities.

    It's no secret Technology First is all about promoting awareness that every business is a technology business. We exist to help shape the future of IT. It’s also no secret that you support those purposes too. We are always looking for volunteers to champion these efforts alongside us. You could serve as a committee member, event volunteer, Peer Resource Group leader, or any number of satisfying roles. Please email me at mcutcher@technologyfirst.org to learn more.


  • 09/28/2022 11:56 AM | Marla Halley (Administrator)

    Let’s face it. Cybersecurity is hard. Between keeping the lights on and the mountain of IT projects, it is tough to stay in the know with current threats. It is common to see organizations attempting to throw software at the problem to stay informed and mitigate risk. However, this approach creates additional challenges. The software requires care and feeding and can produce large amounts of data that someone needs to review and act on. Before long, the software that was supposed to be the answer is just another piece of the enterprise that is getting little attention and presents risks since no one is updating it. While software solutions play a prominent role in understanding your threats and vulnerabilities, organizations should not discount the effectiveness of the basics.  

    When working with organizations, the three main focus areas are People, Processes, and Technology. Organizations that invest in these three areas typically have an effective defense against cyber threats and are on their way to maturing their cybersecurity programs.

    People:

    People play a large part in an organization’s cybersecurity defenses. Your employees can be your best defense or your biggest weakness. Cybercriminals are looking for the path of least resistance; usually, people are the most straightforward way into an environment. Implementing a solid training program for your employees is a low-cost way to ensure cybersecurity is top of mind at every level. Look for ways to implement training regularly throughout the year and create a security culture. In addition, the training that employees receive on the job will often help them stay safe at home.

    Process:

    Processes within an organization ensure everyone is working with the same set of guidelines. Unfortunately, we often encounter organizations with little documentation on the simplest of tasks. Take user on/off-boarding, for example. How many user accounts are still enabled, with the same password in your environment, and the user has been gone over a year? None, you think, but the reality is we encounter this scenario all the time and not just for one or two accounts. A user moved on, and no one notified IT. Documenting processes like this ensures that essential IT functions do not slip through the cracks. This is just one example, but organizations should take a hard look at their internal policy and procedures and, at a minimum, have an Incident Response Plan, Disaster Recovery Plan, and Business Continuity Plan reviewed regularly and practiced yearly.  

    Technology:

    Technology in terms of cybersecurity is more than what is implemented to protect the environment. Don’t get me wrong, having a firewall implemented and configured correctly is critical, but the attack vector shifts if you are not regularly patching your systems. Organizations are typically good at pushing Microsoft patches; that’s easy. However, software updates and operating system upgrades are a different story. How many Windows 2008, 2003, or Windows 7 machines are running in your environment? Each machine presents a risk and attack vector. Every known vulnerability since the end of support is available to an attacker. Therefore, organizations should consider upgrades as soon as a system is implemented. I often encounter organizations that utilize software and hardware well past their intended end of life. At some point, IT Administrators simply do not want to touch them for fear of breaking something. 

    In short, cybersecurity is more than any one piece of software or hardware. Organizations should take a layered approach to cybersecurity and think about solutions in terms of a program. Simply having good cyber hygiene goes a long way in limiting overall risk and attack footprint. By training your people, documenting your processes and procedures, and putting the right technology in place for your organization, you are well on your way to an effective cybersecurity program.  

    If you are looking for a place to start, we can help.

    Chad Robinson is the VP of Advisory and CISO at Secure Cyber Defense in Moraine, OH.  In his role, Chad works closely with organizations to develop and mature cybersecurity programs.

<< First  < Prev   1   2   3   4   5   ...   Next >  Last >> 

Meet our annual partners

Our Annual Partners share a common goal: to connect, strengthen and champion the technology community in our region. A Technology First Annual Partner is an elite member leading the support, development and expansion of Technology First services. In return, Annual Partners improve community visibility and increase their revenue. Make a difference in our region and your business. 

Become a partner



Technology First

1435 Cincinnati St, Ste 300, Dayton Ohio 45417

Info@TechnologyFirst.org
937-229-0054

© Technology First, All Rights Reserved