Revamping the Federal IT Ecosystem
Accelerating the Digital Transformation with Cloud Computing
Designing the IT Organization for Service Management
Revitalizing IT with Strategic Planning
Collaboration: The Key to Progression
Cletis Earle, CIO, Kaleida Health
Acknowledging the Great Power of Modern Technology
Joyce Jinde Edson, Deputy CIO & Asst Gen Mgr, City of Los Angeles
Gaining 360 Degree View of Consumers
Sahal Laher, SVP, Chief Digital & Information Officer, Destination XL Group, Inc. [NASDAQ: DXLG]
Predicting a Better Future for Students
Brian A Haugabrook, CIO, Valdosta State University
Mitigating Risks from Cyber Attacks
Most of the cybersecurity incidents are induced either by misconfiguration, atrophied update and adoption paralysis of a security system. A vast majority of cyber attacks like phishing, Trojans, and viruses are being dealt with by government and commercial sectors on a daily basis. But then again, we cannot blame it all on technology. The inability of a workforce to modernize and the lack of security awareness training also open doors for cybersecurity attacks. We realize we are not perfect, so how do we mitigate the impact of such incidents? Acknowledging the technology and learning all the chores needed to maintain a cybersecurity system is a good start. The cloud-based management and patching systems do not add to an existing cybersecurity infrastructure, but they help a great deal in providing relief for internal or external concerns, hence closing the technology-workforce gap.
The quickest way to reduce the technology-workforce gap is to trim down the IT infrastructure across an organization. With advancements in technology inducing proliferation of virtualization, serverless systems, and end-user computing, it is imperative that the IT team has a lesser footprint to manage, update and maintain for efficient cybersecurity measures. Reducing the surface area of a cyber attack can help fortify the resources at hand, and minimizing the possibilities of vulnerability and potential attack entry points. Virtualization and end-user computing aside, a serverless system migrated to a public cloud domain reduces the overall exposure and maintenance requirements of the IT infrastructure. Additionally, the cloud service provider can exponentially increase the budget for fortification against cybersecurity incidents. That being said, organizations are not off the hook just yet. It is crucial for the workforce to be trained and educated in security awareness, a fact that is often overlooked. Having ongoing remediation training and a cybersecurity training curriculum built into the onboarding process can go a long way in adopting effective measures against cyber attacks.
With technology and workforce ends being prepped for defense, it is time for the final step—penetration tests. The best way to ensure a cybersecurity measure stays reliable and firm is to try breaking into it. Yes, that’s right, hiring ethical or ‘white hat’ hackers to hack into the system can provide the organization with valuable insights on any flaws, vulnerabilities or weak spots in cybersecurity. These penetration tests, or pen tests, are performed on every level of security measures—internally and externally—to find and close the gaps in the cybersecurity system, keeping the organization well equipped to deal with any cyber attacks thrown by the digital world.