search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
OPERATIONAL EXCELLENCE


Finding and Fixing Cybersecurity


Leaks Starts with Each of Us By Sara Wildberger


I


n addition to being chief research offi- cer at American University, advancing the university’s strategic research mis-


sion, Diana Burley is also a professor and continues her own work in cybersecurity. Her achievements include being exec-


utive director and chair of The George Washington University’s Institute for In- formation Infrastructure Protection (I3P); leading the CyberCorps program and managing a multimillion-dollar computer science education and research portfolio for the National Science Foundation; and being named one of eight women to watch in IT security by SC Magazine in 2017 and cybersecurity educator of the year in 2014. In talking with her, it’s clear she has a


unique ability to bring a highly complex topic down to a human level. Here, she shares how cybersecurity for residents and for companies starts with individual best practices, as well as a culture that supports these basics. This article was excerpted from a longer interview.


First, know your vulnerabilities Before anyone can develop an effective strategy for cybersecurity, they have to un- derstand what it is they're trying to secure. You need to have a good understanding of where your vulnerabilities lie. That means having a sense of what your processes are, the newness of the technology or the updates related to the software—but also paying attention to where people interact with the system, where they have to insert data or collect data. The second is knowing there are things


that you can do that don’t require spending. For instance, in an assisted living communi- ty, where there are computers that nurses or caregivers access, that would mean simply making sure that they are placed in a se-


cure location, where access is more tightly controlled, as opposed to out in the middle of the floor.


It’s about people and behavior We have to remember that cybersecurity is not all about technology. It also is about people and their behavior. The majority of vulnerabilities that we see


where cybercriminals are able to gain access to systems is through social engineering. One example of social engineering is: I pick up the phone and I call you, and through a series of questions, I'm able to get private data off the computer without ever touching the technology, because I convince you that it's okay to give it to me. That can be a challenge for seniors, but


it’s really a challenge for everybody. The would-be criminals are very, very good at convincing us that they are who they say they are and that we should in fact give them our personal and private information.


Basic best practices for all There are a number of things that we can advise residents and managers of commu- nities to do—and they all fall under the category of cyber-hygiene. Make sure that you're checking the email


address from which something has come. If you do not know the person, regardless of what they're asking you to do, you don't have to click on the link. If you don't know who has sent you a document, don't click on the link. If


it says it’s from someone you know,


but you weren’t expecting it, you can call and check. I use the example of someone pretending to be your doctor's office: The email says you have to complete this form, but you weren’t expecting to receive a form.


38 SENIOR LIVING EXECUTIVE SEPTEMBER/OCTOBER 2020


Thought Leader Profile


Diana L. Burley, Ph.D. Vice provost for research; professor, public administration and policy, IT & analytics American University


Pick up the phone and call your doctor's office and ask: Did you send me an email? Did you need me to complete a form? Keeping virus software up to date is a very important thing to do, too. So is making sure that you keep your passwords secure. If you are writing them down, put them in a place where no one else has access to them.


Take a breath, take a moment I say this to the seniors in my life and in my family: Typically, things aren't so urgent that you have to respond right away. The person requesting information may


say there is an urgency. But it’s very rare that you can't take a moment to step back, reflect, and ask yourself: Do I do this or not? Sometimes that means calling the doc-


tor’s office. Sometimes it means calling your son or daughter or a trusted friend or advisor. Weigh whether or not you need to be in urgent mode. Criminals take advantage of the fact that


as members of society, we want to be respon- sive. We may get nervous or scared. And in that desire to be responsive, you can often make mistakes. I often advise people to just take a moment; take that step back.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60