Cyber-preparedness: Try the Five Minute Micro-Exercise

Cyber-preparedness: Try the Five Minute Micro-Exercise

Cybersecurity continues to be an evolving threat to the public and to our nation.

Micro-exercising is a concept in physical fitness where people engage in a short, targeted workout or slightly increase the intensity of a normal activity in whatever location or during whatever time they have available – think taking the stairs versus the elevator, or working while standing up instead of sitting at your desk. In the same vein, we can apply a similar approach to cyber-preparedness, as we recognize the number of vulnerabilities created through users’ behavior, activities, or other human errors.

Protecting networks and critical infrastructure from malicious attacks, equipment failure, human errors, and honest mistakes involves applying overlapping security controls in the context of strategies that may be opaque or seem incredibly complex to an authorized system user. When that happens, people may become less conscious of their activities as they are either overwhelmed with information or they think, “Someone else is taking care of this.” While that is often true and even as cybersecurity techniques evolve with proactive technologies to remove vulnerabilities or stem an attack before it happens, we still find that we often react to cyber incidents after the fact.

Enter the micro-exercise. Cybersecurity exercises that receive the most publicity are national in scale and have a broad scope intended to test, validate, or identify weaknesses in large-scale cybersecurity strategy. Beyond that, I often wonder how many system users actually get to participate in any cyber-exercise. I suspect it is not very many and, therefore, people may not have had the opportunity to reflect or understand cybersecurity best practices or response methods.

Managers have an opportunity, and potentially a responsibility to their organization, to provide that opportunity by starting with a simple question: “What would you do if you receive an email with an attachment from someone you don’t know?”  Or, “You see an antivirus alert on your computer, so you…?”  Or, “You are unexpectedly prompted to enter your user ID and password. Should you do that? Should you report it?”

It does not take a full-scale exercise to keep a network healthy. 

Ask the question in a staff meeting and have a five-minute conversation about what should happen next. If people don’t know the answer, rather than being “wrong”, it may mean that there is an opportunity to direct them to an authoritative source, to some awareness materials, or that there is a gap in policy, procedure, or awareness that can be addressed with the IT organization. When this is the case, they will be glad you asked.

Blog Cybersecurity

Contributors

* Arc Aspicio |

Arc Aspicio is a management, strategy, and technology consulting firm that takes a mission-oriented approach to complex client challenges. As a rapidly growing company, Arc Aspicio has a bold strategy for 2016-2018 that drives growth through new capabilities in strategy, design, human capital, data analytics, information sharing, cybersecurity, and strategic communications. The company is known for a strong, collaborative culture that values gratitude – for its clients and its great team. And, #welovedogs! Follow us on Twitter @arcaspicio or learn more at www.arcaspicio.com.

Lynn Ann Casey / Chief Executive Officer
info@arcaspicio.com
703.465.2060

Top Qualities of Design Thinking Leaders

Top Qualities of Design Thinking Leaders

Design Thinking is on the rise in the business world. Design Thinking leaders focus on creating the best product for their clients and working with the experiences and insight of fellow coworkers. Some of the key characteristics of Design Thinking leaders present themselves in individuals who are open and subject themselves to vulnerability with clients and coworkers. These qualities help leaders to connect and build relationships with others. They also create an open flow of communication that allows for others to better share their knowledge to align with and understand the company's mission.

Think, Key, Speak: Purposeful Communications

Think, Key, Speak: Purposeful Communications

I spent the early years of my career in the United States Navy as a Naval Flight Officer on the E-2C Hawkeye, the Navy’s aircraft carrier-based Airborne Early Warning and Command and Control platform. The various missions of the aircraft demand that aircrew monitor up to ten radio frequencies, and actively speak on three or four of those, at any given moment in flight.

How Can Communities Ready Themselves for a Major Power Grid Event?

How Can Communities Ready Themselves for a Major Power Grid Event?

Communities are often the foundation for an expedited recovery following major events. But how can communities strengthen their response to, for example, a major cyber-attack or natural event, such as an Electronic Magnetic Pulse solar flare? A United States electrical grid failure could destroy a number of the nation’s high voltage transformers causing widespread outages for several weeks, even months. A public health emergency could quickly ensue particularly among the vulnerable as the ripple effects cause significant societal disruption. The Federal Emergency Management Agency’s (FEMA) strategic plan encourages and empowers communities to prepare for the inevitable impacts of future disasters. How can communities prime for major events?

Confessions of a Chief Strategy Officer

Confessions of a Chief Strategy Officer

I’ll admit it, I was a little smug. After more than 20 years in the consulting business helping clients develop, implement, and integrate their strategies, I thought… “how hard could it be to do the same things for my own company – a company of consultants?” I had the commitment of my leadership, a group of talented people, and a plan and resources to grow the company. We had energy and we had a great process and tools to successful. What could go wrong?

Exploring Trends in Strategic Workforce Planning (Attract, Engage, and Retain)

Exploring Trends in Strategic Workforce Planning (Attract, Engage, and Retain)

Federal agencies have been undergoing significant transformation, requiring effective workforce strategies that can assist them in facing increasing challenges. As government leaders look for and implement initiatives to improve performance, Strategic Workforce Planning, (SWP) has become instrumental in assisting organizations to focus on their most important resource: their people

#Innovate Your Heart Out: We See an Innovation Day in Your Future

#Innovate Your Heart Out: We See an Innovation Day in Your Future

Innovation is difficult to harness for organizations of all sizes (Government and private sector alike). Replicating a process to encourage and produce innovation is even more challenging. Innovating in a structured space and time seems counter-intuitive, and begs the question: can thinking outside the box be a structured activity? Arc Aspicio recently held an Innovation Day to answer this question.

A Unified Brand Helps Serve a Complex Mission

A Unified Brand Helps Serve a Complex Mission

The Department of Homeland Security (DHS), created in 2003, undertook the most significant reorganization of federal agencies since the Cold War. It brought together federal, state, local, tribal, and territorial agencies with a focus on securing the U.S. from threats in a collaborative way. DHS pulls together five complex mission areas: preventing terrorism and enhancing security; managing our borders; administering immigration laws; securing cyberspace; and ensuring disaster resilience.