National Association of Counties

Blog

Healthy Living, Healthy Agency

By AT&T, Patrick Robinson, SSCP, GSEC   Feb. 6, 2018
Tags: Corporate Engagement, Telecommunications & Technology, Health
  • Blog

    Healthy Living, Healthy Agency

    2018 is here! The inevitable “New Year’s Resolution” (NYR) is done, but probably not in effect.  As with many, the NYR is often dead on arrival the moment it meets a “real” test, like chocolate, hamburgers, or the dreaded 5:00 a.m. workout.

    As humans, we’re remarkably predictable. That’s why gym memberships rise in January. It’s why almost every magazine focuses on health.  And, it’s what cyber criminals rely on. Human predictability.

    The elite cyber criminals know human behavior better than most, and exploit those behaviors very effectively.

    That led me to think about NYR’s and a new class of NYR – the healthy cyber secure lifestyle.  Most particularly, a healthy cyber lifestyle for agencies and organizations. 

    The parallels between a healthy human lifestyle and a healthy cyber secure lifestyle are uncanny:

    Healthy Human Lifestyle

    Healthy Cyber Lifestyle

    Get a physical – A physical is a comprehensive assessment of the good and the bad, administered by a professional and a team of experts that know what a healthy body looks like. A good professional will provide specific recommendations for improvement.

    Get a risk assessment – A risk assessment is a comprehensive assessment of the organization’s people, policies and technologies. It identifies the good and the bad and makes recommendations for improvement.

    Start a plan – the first step to a healthier lifestyle is to develop a plan. Set goals, make commitments, take action. And, spend money.

    Start (or improve) a security plan – if you don’t have a plan, start one. If you do have a plan, revisit it for improvements.

    Establish milestones – If you want to lose 10 pounds (or 110 pounds), you set goals to let you know you’re making progress.

    Establish targets – you establish target objectives, such as having a policy about “X” in place by a certain date. Or, you’ll have a certain technology deployed by a certain date.

    Set a budget – get a gym membership, join a healthy food club, hire a trainer. Somewhere along the way, if you’re serious, you’ll spend money to achieve your goals and milestones.

    Set a budget – invest in people, spend money to create policies, purchase technologies. Invest intentionally in such a way that your plan (step 2) is progressed as a result of your spending.  Tie expenditures to expected results.

    Measure results – Weigh in, get a blood test, measure your waist. Do something that measures whether your goals, milestones, and investments are paying off. Are you lighter? Are you stronger? Are you more fit?

    Measure results – establish measurements that prove you’re doing the right thing. If you invested in a technology to reduce email threats, you should be able to quantify the results.

    Make adjustments – don’t be afraid to take corrective action. If the diet isn’t working, change it. If the gym isn’t working, change it. Adjust with intent to get back on track.

    Make adjustments – if you're not getting measurable results, take corrective action. Reassess, make changes, re-establish, but keep moving forward.

    Repeat – It’s seldom that people on a healthy lifestyle for 2018 will just stop. They’ll get another physical, find areas of improvement and continue the process.

    Repeat – a cyber-healthy organization will re-evaluate, re-assess and re-invest in 2019 and beyond. It is, after all, a lifestyle.

    A healthy human generally costs less to operate than an unhealthy one. Any benefits department would probably agree, and maybe even add to that thought.  Healthy people are less sick, have higher attendance and are generally better able to contribute to the organization(s) they support.

    Similarly, cyber-healthy organizations spend money, can measure success, and are less likely to come under attack than un-healthy cyber organizations.

    We don’t get to choose whether we associate with germ-carrying people (unless you’re Howard Hughes and can afford to live in a bubble).  As such, our healthy human lifestyle will come in contact with unhealthy humans. And, we’ll survive.  The same applies for a cyber-healthy organization.  They will come in contact with hackers, spear-phishers, ransomware, and other cyber “diseases”.  And, they will survive.

    Happy New Year’s Resolution to you. May your life and your organization enjoy a healthier 2018.

    2018 is here! The inevitable “New Year’s Resolution” (NYR) is done, but probably not in effect.  As with many, the NYR is often dead on arrival the moment it meets a “real” test, like chocolate, hamburgers, or the dreaded 5:00 a.m.
    2018-02-06
    Blog
    2018-02-06

2018 is here! The inevitable “New Year’s Resolution” (NYR) is done, but probably not in effect.  As with many, the NYR is often dead on arrival the moment it meets a “real” test, like chocolate, hamburgers, or the dreaded 5:00 a.m. workout.

As humans, we’re remarkably predictable. That’s why gym memberships rise in January. It’s why almost every magazine focuses on health.  And, it’s what cyber criminals rely on. Human predictability.

The elite cyber criminals know human behavior better than most, and exploit those behaviors very effectively.

That led me to think about NYR’s and a new class of NYR – the healthy cyber secure lifestyle.  Most particularly, a healthy cyber lifestyle for agencies and organizations. 

The parallels between a healthy human lifestyle and a healthy cyber secure lifestyle are uncanny:

Healthy Human Lifestyle

Healthy Cyber Lifestyle

Get a physical – A physical is a comprehensive assessment of the good and the bad, administered by a professional and a team of experts that know what a healthy body looks like. A good professional will provide specific recommendations for improvement.

Get a risk assessment – A risk assessment is a comprehensive assessment of the organization’s people, policies and technologies. It identifies the good and the bad and makes recommendations for improvement.

Start a plan – the first step to a healthier lifestyle is to develop a plan. Set goals, make commitments, take action. And, spend money.

Start (or improve) a security plan – if you don’t have a plan, start one. If you do have a plan, revisit it for improvements.

Establish milestones – If you want to lose 10 pounds (or 110 pounds), you set goals to let you know you’re making progress.

Establish targets – you establish target objectives, such as having a policy about “X” in place by a certain date. Or, you’ll have a certain technology deployed by a certain date.

Set a budget – get a gym membership, join a healthy food club, hire a trainer. Somewhere along the way, if you’re serious, you’ll spend money to achieve your goals and milestones.

Set a budget – invest in people, spend money to create policies, purchase technologies. Invest intentionally in such a way that your plan (step 2) is progressed as a result of your spending.  Tie expenditures to expected results.

Measure results – Weigh in, get a blood test, measure your waist. Do something that measures whether your goals, milestones, and investments are paying off. Are you lighter? Are you stronger? Are you more fit?

Measure results – establish measurements that prove you’re doing the right thing. If you invested in a technology to reduce email threats, you should be able to quantify the results.

Make adjustments – don’t be afraid to take corrective action. If the diet isn’t working, change it. If the gym isn’t working, change it. Adjust with intent to get back on track.

Make adjustments – if you're not getting measurable results, take corrective action. Reassess, make changes, re-establish, but keep moving forward.

Repeat – It’s seldom that people on a healthy lifestyle for 2018 will just stop. They’ll get another physical, find areas of improvement and continue the process.

Repeat – a cyber-healthy organization will re-evaluate, re-assess and re-invest in 2019 and beyond. It is, after all, a lifestyle.

A healthy human generally costs less to operate than an unhealthy one. Any benefits department would probably agree, and maybe even add to that thought.  Healthy people are less sick, have higher attendance and are generally better able to contribute to the organization(s) they support.

Similarly, cyber-healthy organizations spend money, can measure success, and are less likely to come under attack than un-healthy cyber organizations.

We don’t get to choose whether we associate with germ-carrying people (unless you’re Howard Hughes and can afford to live in a bubble).  As such, our healthy human lifestyle will come in contact with unhealthy humans. And, we’ll survive.  The same applies for a cyber-healthy organization.  They will come in contact with hackers, spear-phishers, ransomware, and other cyber “diseases”.  And, they will survive.

Happy New Year’s Resolution to you. May your life and your organization enjoy a healthier 2018.

About AT&T (Full Bio)

As government continues to find new ways to unite and serve constituents, technology has the power to help. Across the country, dedicated AT&T professionals are working with state and local governments to identify and implement innovative solutions to transform the business of government.​  

More from AT&T

Contact

Related Posts

Related Resources

Related Events

More From

  • Opioid Solutions Center

    NACo’s Opioid Solutions Center empowers local leaders to invest resources in effective treatment, recovery, prevention and harm reduction practices that save lives and address the underlying causes of substance use disorder.

    Learn More