An agency’s computer system is under constant cybersecurity threats from several factors. While many of them are intentional, such as fraud and theft, there are also the unintentional errors and omissions that threaten a systems security. Let’s take a closer look at some examples. The Intentionally Malicious Information technology is increasingly used to commit fraud and theft. Computer systems are exploited in numerous ways, both by automating traditional methods of fraud and by using new methods. Unfortunately, insiders who are authorized users of a system perpetrate the majority of the fraud uncovered on computer systems. Since insiders not only have access to, but are also familiar with the victim computer system (including what resources it controls and where the flaws are), authorized system users are in a better position to commit crimes. Former employees may also pose threats, particularly if their access is not terminated promptly.

Continuous monitoring involves assessing an agency’s information security posture based on changes to risk resulting from new threats or newly discovered vulnerabilities. The National Institute of Standards and Technology’s (NIST) Guide for Applying the Risk Management Framework to Federal Information Systems (Special Publication 800‐37, Revision 1) specifies continuous monitoring as one of the six steps in information security. As agencies begin looking at cloud initiatives, the challenge is implementing a continuous monitoring program that reduces risk and ensures compliance with NIST and other relevant guidance in an environment of decreased control. The solution begins with knowing where compliance ends and risk begins.

Cindy Cassill is the director of systems integration in the office of the CIO for the US Department of State. Prior to her current position at the Department of State, Cindy has over 30 years of federal IT experience. She was the CIO at the FAA Regions & Centers. She also was the CIO at the US Army Test and Evaluation Command and was the director of IT at the deputy assistant secretary of the army for civilian personnel. This article highlights portions of Cindy Cassill’s presentation and the steps the agency took for their consolidation. Click Here to download the entire presentation and transcript at length.

In the first blog entry of this series, I used this AdultSwim video on YouTube to outline the five stages of grief and then related them to the five steps to a successful technology implementation. The subsequent entries included have gone into more detail for each stage and step – Needs/Denial, Process/Anger, and Training/Bargaining. That brings us to this final entry in this series, which will cover: Step 4: Technology Rollout; or, Stage 4: Depression Stage 5: Rallying the Users; or Stage 5: Acceptance Along the way I’ve drawn a comparison between Technology Implementation, Therapy and the Kübler-Ross Model for Grief. Implementing new technology in your agency, or any organization, can be hard and if not done right can have catastrophic consequences. Don’t believe me? Just ask Hershey; yes, the chocolate company. Hershey Food Corp spent $112 million and 30 months of implementation effort, however, when they attempted to go live in July 1999, the company experienced catastrophic failures with sales order processing, which had a crippling effect in shipping delays and deliveries of incomplete orders. That’s a lot of melting chocolate.

This is the fourth entry in a six-part blog series. In the first blog entry in this series, I revisited the YouTube clip outlining the five stages and focused on Step 1 Assess Needs/Stage 1 Denial. I can’t get enough of that video…if you haven’t watched it yet, now is as good a time as any. Step 3: Training and Discipline; or, Stage 3: Bargaining

This is the third entry in a six-part blog series. In my last blog entry in this series, I revisited the YouTube clip outlining the five stages and focused on Step 1 Assess Needs/Stage 1 Denial. Now, it’s time to talk about:

This is the second entry in a six-part blog series. In my last blog entry in this series, I humorously drew connections between Technology Implementation, Therapy and the Kübler-Ross Model for Grief[TR1] (here is the video again, just because it is hilarious: [c2] http://www.youtube.com/watch?v=Usm9SpnHYJQ&feature=player_embedded). Now, I want to follow-through on that analogy to show the specific connections between the five steps to a successful implementation and the five stages of grief: Step 1: Assess Needs First and Technology Second; or, Stage 1: Denial

I was asked to speak last week at a Women in Technology event on the Intersection of Technology and Marketing. As one of four panelists, I had only 7 minutes to present an idea and then field questions from the audience. This presentation was a big enough hit that I thought I should share it here. Typically, I speak to how DLT uses technology to monitor marketing metrics and get the best results. Since another panelist was taking that topic, this time I spoke to some basic principles for getting the best results out of implementing a new technology, any technology – software/hardware/SaaS. Whether for marketing or any other business need, there are certain truths that are unavoidable. The first truth is that implementing new technology can be hard. The second is that if not done right, it can have catastrophic consequences for your organization. And, last, there is a human factor in every implementation that must be taken into consideration.