Archive for October 2017
Cyber Security Chicago Wrap-Up: Final Thoughts
(Special thanks to Cyber Security Chicago for the complimentary pass, and please be sure to read our pieces on Kevin Mitnick, Rotem Katsir, and Mark Lambiase. And please don’t forget the Puerto Rico relief fundraiser on October 27th)
When I first considered attending Cyber Security Chicago, I must admit that I felt like I “knew it all”…for an amateur. I knew not to open suspicious attachments or click on suspicious links. But I realized that there was an opportunity to provide guidance and insight for nonprofits, social enterprise, and other mission-driven organizations. Many vendors provided some great tools, and I learned quite a bit, but the question remained: was attending Cyber Security Chicago worth it?
And I have to say….yes.
As many of the workshops reiterated, there is a huge need for businesses to stay mindful of potential security threats. Although I could not make all of these workshops, the titles alone should provide readers with a sobering moment of clarity:
- The Hidden Threats of Weak IoT Security within the Enterprise
- The New Era of Cyberthreats
- The Future of Cybersecurity
- How to Avoid Another Equifax-like Data Breach
- Understanding IoT in Today’s Organizations
- Why Hackers Still Get In
- The Dark Side of IoT
One of the key themes of Cyber Security Chicago was that organizations need to be more mindful of their network and data security. Although this seems rather daunting for some resource-strapped organizations, it also is one of the most easily fixed through greater individual scrutiny, awareness of technology resources, and a much stronger need for digital excellence and literacy within nonprofit, community, and mission-driven organizations. 
My biggest concern going into Cyber Security Chicago was that it might be “too” technical for me – after all, I’m a freelance writer/blogger who also works as an online marketing/social media consultant. Although I have some “techie” credit (I managed to install Ubuntu onto a Panasonic Toughbook a few years ago in an effort to adopt more open source software in my computing). But even with the lack of “technical” expertise, I also now understand the methodology that hackers adopt in order to gain access. I also have a much broader awareness of the scope of the issue….
…and the second lesson is that data breaches can often be prevented. The recent Equifax breach is a key example since many of the problems might have been prevented with a simple software patch. Many nonprofits and mission-driven/community-based organizations may not necessarily have the resources for higher-end software fixes…but keeping up to date on their current software (and exploring more cloud-based and open source alternatives) might be the best solution…
Conferences like Cyber Security Chicago are sorely needed since businesses are operating a more global, interconnected scale. As customers and clients become more interconnected with organizations, their data provides access to great wealth and control. Although Cyber Security Chicago might appear to be a “techie-only” conference, it was worth attention.
This is Cyber Security Chicago’s first year. I’m hoping they will come back…and if they do, I will definitely be there.
Questions or comments? Please leave them below or join the conversation on Facebook.
And as always, thanks for reading!
Cyber Security Chicago Wrap-Up: Mark Lambiase of Fox Technologies
(Special thanks to Cyber-Security Chicago for complimentary access and Mark Lambiase of Fox Technologies for his time and insight. For other highlights, please check out part one with Kevin Mitnick and part two with Rotem Kasir) Please don’t forget about the Puerto Rico relief fundraiser at Uncommon Ground on October 27th).
According to Mark Lambiase of Fox Technologies, we currently live in an interesting period in computing. After attending his presentation for Cyber Security Chicago and a short conversation with him afterward, I believe that it is critical for nonprofits and other mission-driven businesses to see the impact of these rapid changes.
To paraphrase Mark’s presentation “Cloud, AI, Big Data… OH MY! How the Growing Scale of Systems is Changing the Game”, businesses are facing many challenges in an “interesting period in computing.” Movement from monolithic to modular systems, from “waterfall” to “swift” to “agile”, even thinking from “MIS” to “IT” to “DevOps”…technology is forcing businesses of all sizes to rethink their approach to technology. As changes in technology happen, both Moore’s Law (computer power growing for each dollar spent year) and Rubin’s Law (reduced cost of technology due to business growth, not savings) impacts how businesses spend their resources. As a result, as technology tools are revamped and become more efficient, there is increased use and many enterprises are challenged to stay up to date, as per the Jevons paradox. To summarize, businesses can do more because tools are becoming increasingly accessible and capable of handling complex tasks.
Many companies are learning how to handle “virtualized” work, leading to an increasing reliance on “rented” cloud-based resources. As a result, businesses (including nonprofits and mission-driven organizations) are participating in a restructured tech economy. With increasing scales of data, businesses are learning that Optimal is not always available and have to adapt accordingly. As he finished his presentation, Mark presented four key takeaways for businesses:
- Do not expect past solutions to solve future problems
- Expect failure (in plans, procedures, and tools)
- Accept workarounds
- Plan as best as you can
After the presentation, I was fortunate enough to have a one-on-one conversation with Mark Lambiase. Mark is the Chief Technology Officer for Fox Technologies, a global security company that helps organizations centralize Linux and Unix access management across hybrid IT environments. As a leader in the data security industry for over 30 years, Fox Technologies is trusted by several of the world’s top Fortune
In my conversation with Mark, we both agreed about the implications of current technology trend
s for nonprofits and smaller/mission-driven businesses. One key takeaway for organizations of all types was that as the costs for adopting tech are dropping, various organizations have to accommodate changes in how they operate. For many nonprofits and mission-driven organizations, agility is a driving principle in their operations. Cloud-based technology has resulted in greater economies of scale (since businesses can rely more on “rented resources” like SaaS), and nonprofits/smaller businesses are poised to take advantage of these trends.
For nonprofits used to scrimping and fundraising, investing in IT may seem counterproductive. However, with greater ability to perform greater tasks as reduced cost, nonprofits/mission-driven businesses now have the ability to modernize their tools to manage greater complexity and chaos. To summarize Mark’s perspective “Technology needs to be an appliance…and technology should be accessible, understandable, available, but does not have to be technical.” Changes in technology have a great impact on how businesses handle complicated tasks…and nonprofits have a strong advantage in leading the charge.
Encapsulating everything about Mark Lambiase’s presentation (and our follow-up discussion) would be difficult in a single blog post. However, there will be some posts in the future that discuss these implications in detail.
Tomorrow will be the final part of our Cyber Security Chicago wrap-up and will summarize my overall impressions. As a tech-minded individual who has a background working for nonprofits and other technology-based companies, this was a show that piqued my interest. Tomorrow’s post will answer one question – do I feel Cyber Security Chicago was worth attending?
Spoiler alert: the answer is “yes”. Details tomorrow.
Questions? Comments? Please leave them below or join the conversation via our Facebook page. (Please note that all comments are moderated). If you wish to contact me privately, information can be found via this blog’s About page.) If you are a community organization of any size that wants to be highlighted in this blog, you are more than welcome to contact me.
And as always, thanks for reading!
Cyber Security Chicago Wrap-Up: Rotem Katsir of Votiro
(Special thanks to Cyber Security Chicago for providing a complimentary pass and Rotem Katsir of Votiro for her time and insight. Please be sure to check out our first installment on Kevin Mitnick here.)
Chicago-area nonprofits, social enterprise, and other mission-driven businesses have a special stake in cybersecurity. After all, mission-driven organizations deal with sensitive donor and financial information. However, many organizations may lack resources to ensure complete security. So why is it especially important for smaller organizations to make sure that their data and digital information is secure.
“Hackers don’t care,” Rotem Katsir of Votiro told me. Hackers don’t discriminate when it comes to targets. If they are looking for financial information, nonprofits and other mission-driven organizations are especially vulnerable given their lack of resources, including proper security information. 
Ms. Katsir works for Votiro, a company founded by security experts that develops and licenses unique security software solutions that help protect organizations from external cyber attacks. Most of Votiro’s work focuses on “taking the human factor out”. Their core technology sanitizes files by breaking down the content of each file to its basic components and reconstructing a clean and safe new file. This can prevent any malicious attack from coming into an organization.
One key issue for nonprofits and mission-driven businesses is their lack of a complex security team, making these organizations easier to attack. In the past year, 95% of all hacker efforts came from spear phishing and 98% came from malicious malware/ransomware attacks. Most businesses have the resources and strategies for handling offline attacks, but how can nonprofits and other mission-driven businesses protect themselves?
As Rotem Katsir explains, smaller organizations can protect themselves by behaving like other organizations and taking a “back to basics” approach. Despite lacking resources, there are smaller strategies that nonprofits, mission-driven, and other small businesses can implement to keep their data secure and avoid attacks:
- Practice greater awareness when opening e-mails (especially with attachments).
- Use free web-based tools like VirusTotal to investigate any links before clicking on them.
- Make sure your organization is using the latest software (Equifax’s breach, for example, occurred because they didn’t install the latest patch.)
- Check all credentials when receiving a questionable e-mail;
- Develop a security policy, even if it means relying on one person who knows your organization’s system
- With cloud-based vendors, ask about security processes (like 2-factor authentication) and how the provider will be handling your information.
Photo Courtesy Cyber Security Chicago
One of the highlights of my conversation with Rotem Kasir was learning about General Data Protection Regulation, an initiative of the European Union to ensure consistency of data protection across borders. With the emergence of a more interconnected, global economy, it becomes imperative that data protection standards are equal across all borders. Although many businesses and organizations can adopt higher-end systems, organizations of all sizes (including nonprofits and other mission-driven businesses) can take a “back to basics” approach.
Data security and protection rules are changing, and many organizations are struggling to adapt. For nonprofits, social enterprise, and other mission-driven businesses, the first step is not adopting a system…but rethinking how they operate. Caution is the best first step towards making sure their systems – and data – are safe and secure.
For many nonprofits and other mission-driven organizations, concepts like “big data, “cloud computing” and “artificial intelligence” seem daunting…but what are their real-world implications? And why should nonprofits, social enterprise, and other like-minded organizations care? Tomorrow’s Cyber Security Chicago profile will give you the answer. And it might surprise you.
Questions? Comments? Please leave them below or join the conversation via our Facebook page. (Please note that all comments are moderated). If you wish to contact me privately, information can be found via this blog’s About page.)
And as always, thanks for reading!
Cyber Security Chicago Wrap-Up: Kevin Mitnick
When I learned about last week’s Cyber Security Chicago conference via Twitter, I thought this would be a great opportunity. After all, how frequently does someone from the nonprofit or social enterprise community get to focus on security and data issues? (Plus, Cyber Security Chicago was making its debut this year, so I felt it was worth checking out for my own education as well). So I requested (and received) a complimentary press pass and attended last week’s conference at McCormick Place.
Good news – there was plenty of great information that would provide some insights into digital excellence and literacy. Not-so-good news (depending on your perspective) – there is so much content that this week, One Cause At a Time will have four posts focusing on key issues from the conference, as well as key insights from specific people.
One of those people was Kevin Mitnick of Mitnick Security, who delivered the opening keynote address on how hackers and online con artists use their skills to compromise unwilling users. Despite a relatively over-the-top opening video (showing scenes from classic caper/heist films and television shows like Leverage), Mitnick delivered a really insightful presentation.
Mitnick discussed methods of social engineering, by which many hackers and con artists work to convince another to comply with a request to compromise their computer network. Many of these social engineering efforts involve influence, manipulation, and deception…and often do not require specific operating systems and which have a low risk for the attacker. (Mitnick also discussed more elaborate methods of deception, which will be discussed later). Social engineering is effective 99.5% of the time, and range from everything as simple as a phishing e-mail to more elaborate strategies like ransomware.
Mitnick also introduced (for me, this was a new idea) the concept of spear phishing or targeting a specific individual within an organization to acquire network access. During his presentation, Mitnick demonstrated how hackers could use special software to determine basic network information. By finding a specific person listed, an e-mail address could be generated (often through trial and error) and a specific e-mail crafted for a particular purpose (like generating a wire transfer of a large amount of money). Without necessarily thinking, the target user may enter the appropriate information, resulting in funds being sent to the hacker.
Online predators who engage in social engineering have a specific process for engaging targets. When engaging users to compromise their systems, hackers work to establish a false identity/role and frequently provide a reason for compliance. Building their target’s confidence through information and attention, the hacker also builds rapport through positive influence and reinforcement. The hacker has usually crafted an appropriate response to overcome rejections and has an “out” that allows them to avoid burning their resource. Given the simplicity and ease of strategies….it’s no wonder that social engineering efforts are effective 99.5% of the time.
Throughout the presentation, Kevin Mitnick provided several great real-world demonstrations of how such social engineers work to compromise systems. They often use special software which allows them to redirect phone calls for customer service, Skype contacts, and even false Wi-Fi signals. (One favorite highlight – a young student provided her name and social security number, and her life was revealed to the audience. This young woman consented, and speaking to her afterward…she was not prearranged or planted by Mitnick). Even PDFs can be used to send malware, allowing hackers to distribute ransomware and hold user data hostage.
So what can nonprofits, social enterprise, and other users do to ensure security? Much of Mitnick’s talk focused primarily on being cautious and confirming information. (When that e-mail from the bank looks suspicious, it is easy to double check with your bank). Being aware of potential dangers is often the first step in ensuring security….and Kevin Mitnick’s opening keynote to Cyber Security Chicago set a positive tone for the rest of the conference.
Many of you may be asking, “What can nonprofits, social enterprise, and other resource-strapped mission-driven organizations actually do to ensure digital safety?” Tomorrow’s Cyber Security Chicago post will focus on that very subject.
Questions? Comments? Please leave them below or join the conversation via our Facebook page. (Please note that all comments are moderated). If you wish to contact me privately, information can be found via this blog’s About page.)
And as always, thanks for reading!
Is “Compassion Fatigue” Still A Thing?
In all honesty, I should have known better: I left chemical dependency counseling because of the high level of burnout. (My clientele were homeless, which leads to higher burnout). Working with nonprofits and marketing agencies should have left me depleted, but in dealing with providing care for my mother, part of me wonders….is compassion fatigue still considered a thing?
Much of this thinking was sparked by….well, last week, as I was running errands for my mother, I had a serious fall. I hit the ground hard enough to get a black eye and draw blood. Of course, I was planning to dismiss my injuries as “merely a scratch”….but I fell in front of a police station. When four police officers – wearing vests, sunglasses and armed – tell you to sit and go to the ER, you do so. And I spent four days resting and ruminating….it was the first serious rest I had in awhile, and much of that time was spent reflecting on how much I feel like my ability to be compassionate is severely compromised. For someone who considers himself a “community builder”, that can be extremely toxic and corrosive if left unchecked. Like so many other people, I feel continually under siege, and although compassion is sorely needed…finding it can be a challenge.
Part of it is simply frustration – with everything that’s happening (including the recent Las Vegas shootings…and Charlottesville…and my own recent efforts to balance finding freelance work with caregiving), I find it harder to be empathic. Not impossible to be empathic, or even apathetic, but I am feeling rather diminished in feeling for others. It’s been difficult when asking for help – for many of my friends, their lives take precedence (as well they should); for so many others, especially when it comes to finding work…I’m often told that I’m not “doing enough.” (When I point out that my time can be limited, I get a series of blank stares….as well as the realization that the person is likely to adopt Gary Vaynerchuk’s “crush-it-and-be-a-master” philosophy).
For a person whose time is precious, and who fights to maintain personal boundaries on behavior…it can be draining. Especially for someone like me, who has a tendency to schedule themselves to death. My extracurricular activities are minimal (in fact, the Chicago TARDIS charity auction is my only major obligation), and thanks to tools like StayFocusD, Virtual Hope Box, and AppDetox, my recent break from Facebook has shown me that taking regular breaks from social media can be beneficial for my mental health….yet I still feel like the well’s run dry. So am I suffering from “compassion fatigue”…or do I require another, even longer break from my activities?
(And you may asking a key question…no, I’m not waiting for “the other shoe to drop” when it comes to my mother’s health. She’s taking care of herself, and there’s been nothing of note. I’m also in a relatively healthy frame of mind mentally….remembering a friend who committed suicide four years ago reminded me of a personal oath to take positive steps if my thoughts ever turn towards flat-out despair. Plus, I also read an essay that I wrote for a benefit book on depression and creatives….and read all of the other essays…and get reminded of the best next steps I need to take). But have I experienced the repeated trauma of compassion fatigue…or am I just working through a myriad number of feelings? I’m relatively clear-headed and have a strong perspective about my life, but want to really make sure that I’m handling things in the best way that I can. 
But do I suffer from compassion fatigue, or am I merely burned out? One thing I’ve learned from watching YouTube videos about compassion fatigue is that the first step is usually awareness, followed by self-care….and yes, I am taking care of myself when I can. (It’s hard to balance time when you have an older, ailing parent – it’s like dealing with a fidgety child with a large vocabulary.) That’s meant ceasing contact with relatives who don’t feel that I’m doing enough (and who, ironically, tend to support Trump. Seriously). It’s also trying to find resources for self-care….although let’s be clear, some of the very people who are encouraging others to use resources are cutting funds to those very programs (and yes, I’m talking about our beloved governor Bruce Rauner amongst them).
And like many other people in this country, perhaps I’m feeling less “compassion fatigue” and more basic emotional fatigue. We’re living in a time of great divisiveness, with one side acknowledging the insanity that is happening…and the other not only dismissive of reality but openly mocking those who see what’s happening. I’m not going to deny that we’re all hurting right now – thankfully, I’m not that self-obsessed – but perhaps finding compassion, even if only to nurture ourselves, is becoming harder to find…but gaining in worth. Donating money and supplies during natural disasters is one thing, but demonstrating common humanity towards another is becoming increasingly difficult.
I’m not saying, for example, that we should never accept the unacceptable (so fighting white supremacy and fascism directly with force is always warranted), but that when it comes to our friends, loved ones, and allies….sometimes, the hardest thing to do is show that you care. I’m hoping to change that behavior in myself, and I’ve started with some small victories. Here’s hoping that, when this current insanity wanes at some point, I manage to retain some basic human decency.
Otherwise, I probably have experienced compassion fatigue.
Your thoughts? Please feel free to leave them in the comments below or via our Facebook page. (All comments are moderated) Please use this contact form if you wish to contact me directly.
And as always, thanks for reading!
One Cause At a Time - Archive 
Blogapalooz-Hour: Laughing at the Darkness
leave a comment »
Since I have spent the last four days writing up my notes from Cyber Security Chicago, I missed our monthly call for Blogapalooz-hour, where we have one hour to write on a specific topic. This month’s challenge is….
My sense of humor is….dark. Very dark and absurd.
Naming everything that’s made me laugh could fill several blog posts….from Blazing Saddles (which I conned my father into taking me to see when I was ten) to Monty Python, from the Kids in the Hall (who I actually saw tape their show…and blogged about. Twice.) to the Smothers Brothers and Steve Martin (my friend Bob and I listened to Martin’s Wild & Crazy Guy album repeatedly) and of course, the Marx Brothers (because let’s face it, everyone needs a bit of anarchy and attitude in their comedy)
Comedy helped me to handle life’s various difficulties. My childhood was….well, it was rough. (I was the stereotypical “fat kid”, and of course, I acted out every obnoxious stereotype). I always loved anarchic, smart-ass humor (earning the nickname “Groucho” one year at summer camp) and my jokes often reflected that. When I entered the chemical dependency and (later) nonprofit fields as a professional career, I discovered that a dark sense of humor helped me deal with tough situations. (When you’re working with homeless clients in St. Louis, you need to have an edge).
That time my blog review made the door of Second City. Seriously.
It also helped that humor also helped me become more creative. For a while, I was partners in running a Comedy Community with my friend Mark Kilmer. When he passed away, well…I found the irony in missing Mark’s passing rather absurd. In the aftermath of a painful breakup, I was able to find solace writing for a Python-themed website. And the results are….the results. Even my personal blog (which is liberally quoted in this post) showed a willingness to see the lighter side of things…
…which is good, because my mood can get dark very quickly. My humor has actually moved into a more positive direction. Not so much in terms of vulgarity or nastiness (so it’s not like I’m more Red Skelton than Andrew Dice Clay), but I no longer need to “one-up” people through wisecracking. It’s less the idea of “punching down” than “punching the right target” and gaining a sorely needed perspective. Watching Scott Thompson’s monologues as Buddy Cole in the Kids in the Hall helped me work through my own attitudes about the LGBTQIA community. The Smothers Brothers and Steve Martin allowed me to see how certain forms of art had their own “rules”…which I could tweak.
And Monty Python and the Marx Brothers….taught me that some institutions deserve to be brought down.
Me and Terry Jones, Lakeside Theater, roughly 2009
Having a strong sense of humor has helped me in recent times since I’m attempting to care for my ailing mother and maintain consistent freelance work. It’s never easy, and often stressful (with some discouraging me from working to stay at home full time and those who believe I’m getting a “free ride”), and often leads me to wonder if I’m contracting “compassion fatigue”. But having a sense of humor – and exercising it – helps me keep a well-needed sense of perspective (as well as, quite frequently, a grasp on sanity).
Most of my efforts tend to focus on Twitter and Facebook, because…well, I don’t get out much, so social media helps me fill in the gaps. At times, I have to find my life incredibly absurd: wanting to have a heart-to-heart with a friend, but we’re on completely different schedules; finding myself feeling like an adolescent even though those years are behind me…and I have to crack a grin. Not only because I see how absurd it is, but to stay in the darkness would truly be futile.
But as the graphic/quote from Next Door Chicago above states, when I lose the ability to laugh, I lose my ability to think and retain perspective. And right now….that’s something that is sorely needed in my life.
If you have questions or comments, please leave them below or join the conversation via our Facebook page. If you want to contact me privately, you can e-mail me via my personal website.
And as always, thanks for reading!
Written by gordondym
October 27, 2017 at 5:00 am
Posted in Blogapalooz-Hour, Commentary
Tagged with blogapalooz-hour, nonprofits