Thursday, January 11, 2018

I resolve this year to...

Around the corner from where I live is a small gym that I drive by every morning on my way to work.  Located at a busy intersection, there’s always a good amount of traffic surrounding the site, but of late, I’ve noticed even more people driving in and out of that parking lot than usual.  This should come as no surprise, as 2018 is still in its infancy, and many people remain solid in their resolve to stick to their New Year’s Resolution.

Regarding those resolutions, topping the list is of course usually something regarding physical fitness and getting in-shape.  Others choose to focus on their mental well-being or even relationships.  But having worked in higher education for quite some time, I’ve noticed another sort of resolution for adult learners: to go back to school and earn a degree.  

It makes sense if you think about it.  How many times in late-December or even early-January do we see or hear the phrase ‘New Year/New You?’  People look at the start of the New Year as a clean slate, and a chance to start over.  And along the way throughout my career, I’ve encountered countless people who attended college at one point in time, but life got in the way.  They truly did intend to earn their bachelor’s degree, but they instead decided to focus on their career, or they got married and started a family. 

Fortunately, the academic calendar operates a little differently for the adult student.  While the eighteen year-old co-ed has their bags packed and ready to move into their forced-triple of a dorm room in mid-August, the non-traditional degree-seeking student (most often ages 21 and older), starts working toward that degree that has long eluded them in January or other times throughout the calendar year.  

Convenience is key with the adult learner, and this is something that Manhattanville College does quite well.  The APPEAL degrees offers accelerated bachelor’s degrees for students (21 years and older) all throughout Westchester County, lower-Fairfield County, and even Manhattan and the boroughs.   The classes run in seven-week sessions, so students are never far from another session starting.  So if you did in fact make that New Year’s resolution to focus on mental fitness and earning your degree, this might be something to consider.  While the first accelerated APPEAL term of 2018 started this past week, there are eight accelerated seven-week courses set to start in early-March.  

Alas, some people need plenty of convincing when it comes to taking initiative and getting started on their New Year’s Resolution.  So in between researching which local gym offers the best pricing for new members, why not learn more about the APPEAL program at Manhattanville College by attending our next open house and faculty career panel on Wednesday, January 17th at 6:30pm?  Here’s a great opportunity to meet faculty, staff, and students from the School of Business, and to take a closer look at our accelerated bachelor’s and master’s degree programs.   If nothing else, you’ll feel as though you took one small step toward adhering to that New Year’s Resolution, and it’ll require much less painful exertion than that first trip to the gym. 

Register for our open house by clicking here. 

Whether you are new to college, have an associate's degree, a transfer student or transitioning from the military I can help you  raise your APPEAL with career focused bachelor's degrees.  

Jon DeBenedictis
Program Director, APPEAL

Wednesday, November 29, 2017

Cybersecurity Pointers for Business Leaders

Michele Braun
Director, Institute for Managing Risk
Manhattanville School of Business

What can a company do to take advantage of the computer and Internet technology that helps it flourish while staying protected from cybercrime and cybersecurity threats?

We used to say “you only have to open a newspaper …” to find a frequent news topic.  Today, you don’t even need to open up the newspaper (either physically or digitally) to find yet another report about a cyber breach, a cyber fraud, hacking, ransomware, phishing, or spear fishing.  Today, these news reports are routine and “above the fold,” the subject of Congressional hearings, company announcements attorney general investigations.  It’s almost a cliché, unfortunately, to tell a business that the question is not “if but when” it will endure a cyberattack.

The Wall Street Journal quotes Cathy Bessant, Bank of America’s Chief Operations and Technology Officer, as saying “There is only one way to be fully protected, and that is to shut the place down.” (October 30, 2017, page R6).  Ms. Bessant also said that “The art of cyber is to keep the firm in business and continue to grow and serve the needs of the customer every day.”  This imperative applies equally at non-profit and for-profit enterprises.  

On November 9, 2017, a panel of cybersecurity experts gathered at the Manhattanville School of Business to explore this “art of cyber,” address the necessary balance, and answer many of the practical cybersecurity questions asked by business leaders.  [My October 30 article tees-up those questions.]

For Tom Morley, Director of the NY Small Business Development Center, preparedness starts with a risk assessment.  “Inventory your data,” he advised.  “Get granular, and catalog the risk:  what would have value to someone else [if stolen] and what’s the value to you if lost?”  Data files are important company assets and as worthy of protection as any physical asset. 

Planning and practice are key cyberprotection tools according to Michelle Mitrione, Manager in IBM’s Security Services Global Portfolio Management group.  “Assess your risks, plan your response, test your plan, and then do it again,” says Ms. Mitrione.  Testing, training, and practice are key to avoiding risks, surviving breaches, and recovering from set backs. 

Rob Rosenzweig, National Cyber Risk Practice Leader at Risk Strategies Company, advises businesses of all sizes to consider purchasing cyberrisk insurance.  As a growing market, there are many insurers offering this product, so a business should be able to shop around to get good coverage.  Then, if your systems are breached, Rob said to think of the insurer as your “one-stop source” for recovery services.  The insurance company should be able to arrange for specialists to investigate the breach, provide legal advice, monitor credit for customers (if appropriate), and assist in restoring corrupted files.

The first thing to do if you suspect a breach, says Andrew Kaplan, President of Ekapco, a computer network and systems solutions company, is to disconnect the computers from the Internet.  This might mean unplugging a communications cable or turning off the Wi-Fi.  Then, both Andrew and Rob advise that you call (1) your IT professional and (2) your lawyer in rapid succession.  Bringing in legal counsel early is important to insure compliance with consumer notification laws and other regulatory requirements that vary by industry. 

Now, even as your firm is recovering from the breach, start updating your plan and identifying problems that might be avoidable.  All the speakers warned that recovered data and computer applications must be screened before reloaded onto company computers—you don’t want to re-infect them if the backed-up version carries a virus or foreign program.

In evaluating risk, consider isolating certain systems.  Mssrs. Morley and Kaplan recommend keeping some computers away from the Internet.  They recommend that you assess whether your systems (inadvertently) expose internal data sets and proprietary information to the Internet, when they only need to be available for internal company use.  Speaking of internal use, Ms. Mitrione cited statistics on the risk of breaches from internal sources, either accidentally or maliciously.  Employees should be given access only to the internal systems required for their work—not everyone needs access to all systems. 

Importantly, all panelists spoke about creating a culture of awareness and quick response—train staff actively, make sure they understand the urgency to promptly report problems and suspicious activity, and work to see that everyone stays alert! 

Finally, the panelists provided the following important tips and successful strategies to enrich cybersecurity.  And, email me your business questions for cyber security [] so we’re ready to answer them in future programs.  

Cybersecurity:  Readiness, Response & Recovery
Tips and Best Practices from Expert Panel
Manhattanville School of Business, November 9, 2017

Tom MorleyDirector
Small Business Development Center for Putnam, Rockland, Westchester Counties

Information is an asset deserving protection.
Cybersecurity is easier than some may think.
Cybersecurity isn't optional.

Robert H. Rosenzweig, RPLU | National Cyber Risk Practice Leader
Vice President, Risk Strategies Company

It is not just a technology issue, people and processes are part of a problem. Train your employees!

The organizations that are best positioned to minimize the cost and reputational impact of a data breach have an incident response plan and stress test it with table top exercises.

Not all Cyber Insurance policies are created equally, make sure you are working with a true specialist broker and understand what you’re buying.

Michelle Baselice Mitrione, Manager
IBM Security Services Global Portfolio Management

Don't get comfortable. You ran your penetration test and now think you are done for the year.  This is an ever changing threat landscape and we must stay vigilant.

Know your data.  Are your “crown jewels” classified as such? Where does your critical data reside? Who owns sensitive data?

Know who to call.  Treat breaches as business critical situations and not just an IT problem.

Andrew Kaplan, President
Ekapco LLC

The END user is the final defense, and the defense is only as good as the weakest link in the chain.

DO NOT OPEN ANY attachment/links without taking a moment to think is this VALID, if not sure ask someone, and there should be a Ask path, who asks who when not sure.
NEVER let anyone add anything to the network without default passwords being changed: camera systems, postage meters, copiers, printers. AKA a target.

Ads Inside Post