Save the Day in a Methodical Way

Data-codes-seen-through-an-eye-glasses

[Editor’s note: This guest post comes to us courtesy of tech consultant Rick Delgado. To submit guest articles email erik@bernsteincrisismanagement.com]

As the ever changing cyber security threats continue to rise, businesses are eager now more than ever to protect their company networks, computer systems, and confidential information. Having a strong cyber security program is necessary for developing and conducting the right safety measures that will ultimately protect an organization’s data, resources, and assets. However, in addition to the advanced techniques of hackers, with more and more devices that are adopted by businesses creating their own data, storing personal information, and coming equipped with internet capabilities, there are more routes available for hackers to access this information and therefore more opportunities for a business to experience a security breach.

It is important that businesses and other institutions have access to the best talent and technology in order to keep up with and surpass the efforts and persistent threats of cyber hackers. With these constant shifts in technology, whether they be improved data storage or intelligent video analytics, traditional security protocols are just not enough anymore. As businesses look for new security solutions to invest in, they should consider approaching their cyber security efforts in a more methodical way. Specifically, businesses need to find methods that allow for adequate time to perform security monitoring measures without slowing down networks or interfering with a user’s experience. Here are two systematic techniques businesses can use in their cyber security criteria.

Second-Level Screening

Security monitoring and network gateway devices prove to be some of the most fundamental tools within a business’s information security system. However, in order to keep everything running smoothly, these programs are often required to make judgement calls very quickly. While these indicators are fast, they can also be unreliable. This rushed decision making process can lead to errors, both with rejecting clean files and admitting malware. In order to prevent misjudgments but still allow for a speedy detection process, businesses should invest in security architectures that rely on second-level screening processes. Using an additional screening procedure allows for files that originally passed through the quick scan to be examined more carefully. This second screening can use slower but more reliable processes such as detonation, static analysis, and other methods to ensure better and stronger security systems. If infected files did have the opportunity to make it past the original scan, second-level screening will be able to alert a business of this breach, giving them the chance to respond and recover from any damages before they are too severe.

Isolated Web Scanning

Just as using a second-level screening process allowed for slower but more efficient analysis of incoming files, it is important that cyber security monitoring systems have more time when interacting with the web. Traditionally, security systems were able to protect their network from malware sent through email, however, many cyber hackers are now using infected links to the web within emails instead of directly inserting malware. Some security systems attempt to scan these links, but unfortunately these sites can detect when these scanners have accessed the link and can either create complex pathways or present a clean site. In order to protect a business from malware accessed through the web, organizations need to invest in security programs that isolate the browser from the data flow and its movement of the file to the desktop. This separation can keep this data contained while the security monitors have time to analyse and detect whether or not it presents a threat. Incorporating this method of isolation allows for data to be processed without affecting a user’s experience on the web. Additionally, this security protocol only needs to scan files that the user wants to save.

Approaching your cyber security program with these two methodical ways in mind will allow your security systems more time to analyze incoming data and provide more accurate results. By investing in systems with second-level screening and isolated web scanning abilities, businesses will be able to be better prepared for security threats. As data breaches become more and more sophisticated over the years, they also become more complex and expensive. It’s estimated that over the past few years, the average cost of an information breach has increased by 29 percent. It is important for businesses to remember that it is far less expensive to prevent a security breach than it is to pay for the damages of one.

Rick Delgado is a business technology consultant for several Fortune 500 companies. He is also a frequent contributor to news outlets such as Wired, Tech Page One, and Cloud Tweaks. Rick enjoys writing about the intersection of business and new innovative technologies.

Likeminded Communication

People discussing work details at work

Trying to communicate technical information to various cultures is not as simple as others may think. For a technical communicator, it requires more than just training, because being moderately acquainted with cultural differences is just not enough.

Likeminded

A previous post that I had written on communicating globally, noted that ‘Individuals need to understand the culture; their language, ethics, principles of value, moral codes, etc. …’ I still think those are very important attributes. However, being ‘likeminded’ should also be added to the list.
What is important is not only being able to communicate the ‘right words’ clearly and correctly, but to also be able to be ‘likeminded’ with the audience so that they can really understand what you are saying.

For example, within technical documentation, writing ‘Click the box.’ may have an individual trying to tap on any box on a monitor screen, whereas writing the instruction ‘Put a check mark in the box beside the appropriate….’ might have been more easily understood. It is important that the communicator be able to relate to, understand, and recognize how the audience accepts those words in order to ensure that the information is transferred correctly.

Empathy

I would also like to include just one more critical item to the list, and that is ‘empathy’, because it is important to understand how the individual will perceive the information, and that can be defined as having empathy. How someone responds to words depends on how they are related to or connected to those words.

For example, saying to someone that you think they are ‘working too hard’, could actually be misinterpreted as a criticism and not a nice comment on their good work ethics. They may mistakenly interpret it as they are working too slow. The individual may be very sensitive and insecure about themselves and so may take the statement the wrong way. To get around this, it is a good idea to smile when a statement is made and follow it with another statement about the individual, such as, ‘Your work is so good, you don’t have to work so much or so hard’.

Outcome

The above were simple examples. But more importantly, to ensure that everyone is on the same page, connecting by being ‘likeminded’ and having ‘empathy’ for your audience is as important as other items previously listed. This is really important especially when creating requirement specifications at the onset of the project (as those documents are an agreement between management and their client describing the background of a project as well as how and what is needed to complete the project). Hence if you do not explain a project correctly in the beginning, then any succeeding specifications (technical, functional, etc.) will not be correct.

As an added note, your audience has a stake in understanding what is communicated, so be understanding and be aware of the above factors mentioned before you make a statement or convey your information. These factors lead to less misinterpretation when writing or speaking to your audience. It also makes us aware of possibly different expectations as well.

If you have other thoughts on relating to the audience, please leave a comment. Thank you.

Help with Severe Weather Planning

A-heavy-thunderstorm-brewing

Hurricane season is on the way, and tragically many businesses will be caught under-prepared. In 2012 severe weather caused more than $100 billion in damaged within the U.S. alone, and a failure to plan and prepare can mean a big storm takes your business out for good. There are enough unpredictable crises in the world, there’s no excuse to not plan for events that can be expected to impact you.

To help, our friends at MissionMode have published a whitepaper on severe weather planning that includes tips on planning, preparedness, and resiliency:

This white paper is a guide to planning and implementing your weather response, and it’s much more than a simple checklist. Resiliency is the ability to withstand and ‘bounce back’ from an emergency event. The white paper helps you to think through the processes that will result in a successful response to a weather threat. Your business and people will then be truly prepared and resilient.

To download the paper, head to the MissionMode site by clicking here.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

Avoiding Social Media Marketing Mistakes

A-company-social-media-marketing

Steer clear of trouble on social media

Ahhh social media. It’s so awesome, but at the same time there are so many pitfalls waiting to cause issue for your brand. In this infographic, the experts from Quill.com lay out some ground rules for the most common social media blunders and how to fix the problems they can create.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

Help Spotting Fake News

live-fake-news-wallpaper

“Fake news” has become a major buzzword, but don’t let that distract you from the fact that it’s a real problem. The drive for rapid reporting and need to break stories to grab those ever-more-valuable clicks has hurt journalistic integrity. Now it’s up to you to do the research on news coverage you find online or even in print and decide for yourself whether it’s a story you can trust.

FactCheck.org published a great piece titled, “How to Spot Fake News” back in November, and the IFLA’s Library Policy and Advocacy blog team converted it into the handy infographic below:

How-to-Spot-Fake-News-1

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

 

[Guest Post] Crisis or disaster? IT has helped blur the language

A-blur-image-of-an-office-woman-and-a-camera

[Editor’s note: Many thanks to frequent contributor Tony Jaques for allowing us to use this article, originally published in his Issue}Outcomes newsletter. Tony often covers news out of Australia and the surrounding regions which lets us take a look at great crisis management case studies we may not have seen otherwise.]

Crisis or disaster? IT has helped blur the language

It’s time business stopped misusing the word disaster, and the IT industry needs to take a good share of the blame.

Most recently, an April post on the Hewlett Packard Insights blog, declared: “In general, anything that significantly impairs day to day work can be considered a disaster.” The reality is, No, it can’t!

Writer Wayne Rash went on to say: “It’s worth noting that a disaster in this (IT) context does not necessarily mean widespread destruction, loss of life, or general catastrophe. What a disaster means to you is defined by what interferes with your operations to the point that it endangers your business and thus requires a disaster recovery response.”

What Mr Rash is saying just might, maybe make sense in the IT world where such language is common, but it’s bleeding into general management usage, and that’s a big problem.

Of course the IT industry can’t take all the blame for devaluing the word disaster. Contrary to typical news media headlines, losing a crucial football match is not a disaster, nor is a temporary fall in a company’s share price. In fact, in recent times, the word ‘disaster’ has progressed from being devalued to being entirely trivialised.

A celebrity posting an unwise twitter message is now labelled as a ‘PR disaster’ or a ‘social media disaster,’ while a Hollywood star choosing the wrong dress for a red-carpet event becomes a ‘fashion disaster.’

This language is genuinely unhelpful and distracts attention from serious matters of real concern. Consider by contrast the United Nations definition of a disaster as: “A serious disruption of the functioning of a society, causing widespread human, material or environmental losses and exceeding the coping capacities of the affected communities and government.” Or within a business context, the Dutch crisis experts Arjen Boin and Paul ’t Hart say: “A disaster is a crisis with a devastating ending.” Anything less just doesn’t quality.

While there is clearly a massive difference between a pop culture ‘disaster’ and a true societal or organisational disaster, contamination of broader business language by misuse of the word has serious consequences for issue and crisis managers.

A key consequence arises from the widespread belief in the IT world that the answer to just about every such problem is a disaster recovery plan. As Mr Rash put it: “A disaster recovery response is the set of actions your organisation must take to continue operations in the face of an unforeseen event.”

Business continuity and operational recovery are vital, but they are just one tactical element of an organisation’s crisis management process. The modern approach to crisis management recognises that it should encompass crisis preparedness and prevention; crisis response; and post-crisis management (of which operational recovery is one part). And that it applies to every type of crisis – financial, organisational, legal, political and reputational, not just operational.

We all love IT and the wonders the digital world can bring to issue and crisis management. But any organisation which says: “We have a great business continuity plan so we are crisis- prepared” is in line for a very big and very costly surprise.

Tony Jaques manages Australian-based issue and crisis management consultancy Issue}Outcomes, and is the author of Issues and Crisis Management: Exploring Issues, Crises, Risk and Reputation, available on Amazon now.