Cyber-preparedness: Try the Five Minute Micro-Exercise

Cyber-preparedness: Try the Five Minute Micro-Exercise

Cybersecurity continues to be an evolving threat to the public and to our nation.

Micro-exercising is a concept in physical fitness where people engage in a short, targeted workout or slightly increase the intensity of a normal activity in whatever location or during whatever time they have available – think taking the stairs versus the elevator, or working while standing up instead of sitting at your desk. In the same vein, we can apply a similar approach to cyber-preparedness, as we recognize the number of vulnerabilities created through users’ behavior, activities, or other human errors.

Protecting networks and critical infrastructure from malicious attacks, equipment failure, human errors, and honest mistakes involves applying overlapping security controls in the context of strategies that may be opaque or seem incredibly complex to an authorized system user. When that happens, people may become less conscious of their activities as they are either overwhelmed with information or they think, “Someone else is taking care of this.” While that is often true and even as cybersecurity techniques evolve with proactive technologies to remove vulnerabilities or stem an attack before it happens, we still find that we often react to cyber incidents after the fact.

Enter the micro-exercise. Cybersecurity exercises that receive the most publicity are national in scale and have a broad scope intended to test, validate, or identify weaknesses in large-scale cybersecurity strategy. Beyond that, I often wonder how many system users actually get to participate in any cyber-exercise. I suspect it is not very many and, therefore, people may not have had the opportunity to reflect or understand cybersecurity best practices or response methods.

Managers have an opportunity, and potentially a responsibility to their organization, to provide that opportunity by starting with a simple question: “What would you do if you receive an email with an attachment from someone you don’t know?”  Or, “You see an antivirus alert on your computer, so you…?”  Or, “You are unexpectedly prompted to enter your user ID and password. Should you do that? Should you report it?”

It does not take a full-scale exercise to keep a network healthy. 

Ask the question in a staff meeting and have a five-minute conversation about what should happen next. If people don’t know the answer, rather than being “wrong”, it may mean that there is an opportunity to direct them to an authoritative source, to some awareness materials, or that there is a gap in policy, procedure, or awareness that can be addressed with the IT organization. When this is the case, they will be glad you asked.

Blog Cybersecurity

Contributors

* Arc Aspicio |

Arc Aspicio is a management, strategy, and technology consulting firm that takes a mission-oriented approach to complex client challenges. As a rapidly growing company, Arc Aspicio has a bold strategy for 2016-2018 that drives growth through new capabilities in strategy, design, human capital, data analytics, information sharing, cybersecurity, and strategic communications. The company is known for a strong, collaborative culture that values gratitude – for its clients and its great team. And, #welovedogs! Follow us on Twitter @arcaspicio or learn more at www.arcaspicio.com.

Lynn Ann Casey / Chief Executive Officer
info@arcaspicio.com
703.465.2060

Data + Strategy: Using Data to Inform Agency Strategy

Data + Strategy: Using Data to Inform Agency Strategy

Understanding the types of data available, gaining access to the right data, and making sense of data are daunting tasks for most organizations as they develop a strategy to meet mission demands and enterprise-wide goals. Data is especially challenging for the Government, yet provides the opportunity for insight for leaders as they strategically move their agencies forward.

Workplace Morale is Going to the Dogs… Literally!

Workplace Morale is Going to the Dogs… Literally!

There are few greater feelings than a dog’s unconditional love. And some are finding that a dog’s love can help combat stress at work. Secretary Zinke of the Interior Department announced his intent for "Doggy Days" where he encouraged employees to bring their canine companions to work on designated days. More than 80 dogs arrived for first event and the overjoyed employees immediately scheduled the next.

Accelerating FITARA Compliance: Five Steps That Leaders Can Take Today

Accelerating FITARA Compliance: Five Steps That Leaders Can Take Today

Implementing change is not always easy, but it is always necessary. Federal agencies have been working to transform how they acquire and manage Federal information technology (IT). The Federal Information Technology Acquisition Reform Act (FITARA) in December 2014 has increased visibility into this transformation.Although FITARA enhances the authority and accountability of Chief Information Officers (CIOs) in reviewing and approving major IT investment projects, CIOs continue to look for new ways to implement best practices at their agencies.

Combating the Rise of Transnational Criminal Organizations

Combating the Rise of Transnational Criminal Organizations

Crime, corruption, and violence – particularly involving drug, human, and weapons trafficking – continue to increase at an alarming rate in the U.S. Transnational Criminal Organizations (TCOs) are a critical part of this trend and pose a serious and growing threat to homeland security – at our borders and beyond.U.S. Customs and Border Protection (CBP) is at the tip of the spear to combat TCOs. With the context that the first goal in their Vision and Strategy 2020 Strategic Plan is Counter Terrorism and Transnational Crime, CBP is focusing on disrupting TCOs responsible for the cross-border trafficking of illegal drugs, humans, and guns.

Design Thinking: Putting the Citizen at the Heart of Lasting Change

Design Thinking: Putting the Citizen at the Heart of Lasting Change

For the past few decades, there has been a growing increase in the digital channels available to network with the Federal government. These channels have made it easier for the public to interact and elicit responses from elected officials.These growing interactions have increased expectations for Government to be more transparent and collaborative. From the Department of Homeland Security (DHS) to the Department of State (DOS), Design Thinking transformations have begun to develop and modernize programs to be more human-centered. Agencies and programs beholden to serve the public good should logically adopt a problem-solving mindset that places the individual at the heart of any lasting changes.

Using Behavioral Science to Improve Mission Outcomes

Using Behavioral Science to Improve Mission Outcomes

Although behavioral science has been studied and applied within academia for decades, recently the concept has emerged everywhere – from Silicon Valley tech giants such as Google and Uber, to various Government agencies including the Department of Education, the Department of Defense, and the Department of Agriculture.But defining and applying such a broad and sometimes-nebulous discipline can prove difficult. What exactly is behavioral science? How can the Government use the concepts and lessons learned effectively?

Homeland Security Managers = Innovative Leaders

Homeland Security Managers = Innovative Leaders

The search for and implementation of innovative methods to protect the homeland should play an important role in homeland security managers’ approach to how they guide their organizations. Citizens expect government leaders to propose and implement organizational, acquisition, and personnel management practices that enhance our nation’s ability to prepare for and mitigate potential threats. They expect these to make them safer and the nation more secure.

Exploring the Known: Empowering Innovation by Working Out Loud

Exploring the Known: Empowering Innovation by Working Out Loud

Sharing in-progress work with others – your team, your client, your leaders – can be a daunting prospect. It can also be a great way to share lessons learned, drive quality into everything we do, and build trust. Working Out Loud is “a practice that combines conventional wisdom about relationships with modern ways to reach and engage people”. 

Leaders by Design (Thinking)

Leaders by Design (Thinking)

At Arc Aspicio, our very best assets are our people. In 2017, we introduced a program called the ‘Leaders by Design’ aimed at growing future leaders of our firm in a peer group setting. Leaders by Design is a customized experience for Senior Associates within the company to develop leadership skills and grow professionally and personally by interacting with others with similar experiences and also with senior leaders. The Peer Group is a co-investment to focus on collective growth and development – this means the company invests money and time in developing the training and the growing leaders also invest personal time.

Organization Redesign: Is the Cure Worse than the Ailment?

Organization Redesign: Is the Cure Worse than the Ailment?

According to a popular management joke, new executives should blame their predecessors when facing their first crisis.  When facing their second crisis, they should reorganize everything. Jokes are funny when they’re seen as plausible. Reorganizations show action, produce change, and create opportunities for new leadership. However, are reorganizations worth the disruption?

Arc Aspicio to Host Design Thinking Forum: Creating the Future of Government on June 21

Arc Aspicio to Host Design Thinking Forum: Creating the Future of Government on June 21

Washington, DC, June 7, 2017 — Arc Aspicio plans to host an inaugural Design Thinking Forum featuring a discussion on how Federal leaders can innovate solutions to create the future of Government. Design Thinking is a human-centered innovation process that emphasizes observation, collaboration, fast learning, visualization of ideas, rapid concept prototyping, and concurrent business analysis, which ultimately generates innovation and increased mission outcomes.