Cybersecurity & Management: What are you risking?

We leave a digital footprint with everything we do. Data is being generated whenever we use our GPS-equipped smartphones or go on social media networks like Facebook and Twitter. This ever-growing stream of information is the foundation of Big Data that MAPC uses to explore trends, crowdsource, and spur change. The power of data gives us an edge on insights and opportunities but this information is also prone to many high profile hacks.

To dive deeper into issues of cybersecurity and management, MAPC staff attended a panel that focused on measuring and managing risk, which went over some best practices that we can implement to eliminate and mitigate possible threats. Organized and moderated by our Planning/Administrative Intern Joshua Weissman LaFrance, four panelists discussed the evolution of data, the infrastructure of data and the role of government in cyberspace at Suffolk Law School.

Left to Right: Ed Adams, MBA (President & CEO, Security Innovation), Marjorie Weinberger, MA JD (Procurement Services Manager/Senior Counsel, MAPC), Melvin Kleckner, MPA (Town Manager, Brookline, MA), Benjamin Ngugi, PhD (Associate Professor, Information Systems and Operations Manager

Key Points from the Discussion

Data transparency between the government and the public
For MAPC and many local governments, it is important that data such as individual contact information, documents, and graphics are made accessible for the public, however this also means that security measures should be taken to lessen weak spots. An example of this would be our reliant on emails. Emails are magnets for phishing and with the advancement of software, it is easier than ever before to create convincing and sophisticated scams. After a recent data breach in the Town of Brookline, panelist and Town Manager, Melvin Kleckner, has taken steps to implement training workshops and in-house phishing emails to educate staff.

The Role of Government in Cyberspace
There is a role of government that cannot be ignored in cyberspace. As described by panelist and MAPC’s Procurement Services Manager/Senior Counsel, Marjorie Weinberger, “the government wants to know you whereas the private sector wants to sell to you.” In today’s digital age, there is an expectation of data being exposed, leading to an important point about the partnership between the public and private sector in obtaining data from the public.

It is inherently a people problem
Even with the best protection, attacks, breaches, and threats can happen, according to panelist and Associate Professor of Information Systems and Operations Management at Suffolk University, Benjamin Ngugi. Much of this new technology and software is exploiting humans because it is so new and unfamiliar for many of us and it is important for companies to educate its staff and practice good cyber behavior. President and CEO of Security Innovation, Ed Adams, suggest prompting staff to create complex passwords or using a password management software and consistently backing up data because restoring data is expensive, it costs about $210 per data file which can quickly add up.

Today, pressure is placed on organizations to stay on top of new technology but companies are not taking precautionary security measures. With the popularity of Internet and BYOD (Bring your own device), agencies are creating weak spots that IT departments cannot always track. At MAPC, our IT and Procurement team works hard to ensure that all MAPC IT contracts are designed to implement best practices that protect personally identifiable information. In addition, MAPC’s IT team is always checking and updating our servers to protect the data of our regions.

Left to Right: Kit Un, Majorie Weinberger, Heidi Anderson, Josh Weissman LaFrance, Carlos Montanez