search.noResults

search.searching

note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Risk Management


VB: Do we have enough people to combat these attacks? Is anyone having issues with trying to get cybersecurity professionals? DePlato: I would say people are definitely interested in it, but it takes a specific mindset. You have to have a very analyti- cal mind, want to solve puzzles and want to do deep analysis. In prac- tice, what I’ve come across are a lot of managed-service providers who think that they can do security,


and their idea of security is throw- ing some firewalls in place, putting some security appliances in place, and it ends there. And I’ve come across people that are in the cyber- security realm that just like being known as a cybersecurity analyst or a professional hacker. But they don’t have that next level of knowledge. They don’t understand the long view or how to take an organiza- tion from where they are right now and get them to a point where they are secure and can actually defend against an attack.


VB: Mike, what about you? Are you able to find what you need? Hardin: Well, personally for us, we rely heavily on the brands that we work with, and it’s more their role to hire and bring in those professionals. So they handle that for us. But we have an internal team that works together with everyone in our groups to make sure we’re staying


ahead of the game, staying ahead of what’s coming. It’s a constant reminder that we do have to stay on top and ahead of these things and see what’s coming, make sure we’ve gone back and double-checked everything again, double-checked the training. We always want to be aware.


46 JULY 2017


Manic: Our senators and con- gressmen state we have 17,000 open positions in [cybersecurity] in our state. That’s second only to California, which has 19,000 open positions. There’s this huge need that some universities like VCU are trying to fill. There are a number of strong universities in the state. All together I doubt they can fill the void. VCU had been trying slowly to grow this angle of cybersecurity certificates for those with different backgrounds. That’s probably the key because, just looking at young generations going into cyber educa- tion, it’s not enough. We need to recertify, retrain people with differ- ent backgrounds to somehow start filling the void.


Inabinet: It definitely takes a spe- cial kind of person. You have to be a really good analyst and be curious and realize how things yesterday are not necessarily how they’ll be today. It’s a constant cat-and-mouse struggle with trying to secure these networks.


Lewis: From a talent perspective, we struggle finding the right talent. In a lot of cases, we’re always look- ing for people that have experience, and they are just hard to find. The good ones are already taken. You’re playing the compensation game. The really good ones will train up with you and then leave. That’s a challenge in itself. But even with the younger generation, the more tech is commoditized; there are fewer opportunities for people to really understand how technology works to get over the hump and start learning about protocols and learning how to beat systems. There are lots of people that have pretty résumés. You bring them in and talk to them, and they’re book smart. They’re not going home at night [to] read and dream about this and take things apart and ask why. It’s the people that are really willing to go above and beyond what they’re told to do and have initiative. That’s the hard thing to find.


VB: We’re going to talk a bit more about the insurance and the legal side of things. Alyson, how can small businesses protect themselves? Newton: I think first organiza- tions have to understand that it’s an enterprise-wide discussion. It’s not just a discussion that should be had at the IT level. It should be had at all levels of the organization, starting with the board, the executive offi- cers and filter- ing down to the employees. Doing training exercises to understand, “I shouldn’t be


opening this email.” So it can’t be siloed in the organization. Secondly, I think you really have to know your data. What do you have? Where is it housed? What are you using it for and who has access to it? Is it backed up? And then also one of the areas we talk a lot about with our clients are outside vendor contracts. Some companies say that because their payroll is outsourced, “That payroll provider is liable if some- thing happens to my data.” No, you are, because it’s your information, and you are legally responsible for it. I think [it is highly important to go] through that whole discussion of what should the culture be at the organizational level and then developing a checklist of everything you should be going through and to be very aware.


VB: Collin, would you like to add something here? Hite: The first thing for the smaller and medium businesses [is to realize], as the others have said, you are a target. This idea that the criminals only want the Targets or the Home Depots of the world is a complete fallacy. Because smaller breaches don’t show up in the media because they’re not affecting enough people, there’s a false sense of


Photos by Rick DeBerry


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72