During my first few months at my current job, I was not living up to cybersecurity tests. There was roughly one email a week designed to test my insight for email red flags. Since I was putting too much trust in the company, I clicked on them, and received additional cybersecurity training to work through.
Regarding the IT staff, needing to email the staff about any new app or app update has cut into my work time. However, I need these apps to pull off my work the first time, and IT could need some clarification of what I needed, so I often make up the work time afterword.
I have come to realize cybersecurity is a priority, with what kinds of communication still gets through to employees. I have gotten used to spam messages and voicemails on my phone from random numbers, but random people posing as co-workers is even more underhanded.
------------------------------
Alexander Granato
Transportation Planning Engineer
Indianapolis IN
granato.3@...A.M.ASCE
------------------------------
Original Message:
Sent: 02-15-2023 08:09 AM
From: Yance Marti
Subject: Balancing Cybersecurity and Workflow: What Are the Trade-Offs?
Cybersecurity always comes first. A major breach can shut down a company or agency and losing all of your data would make minor inconveniences seem like nothing. Ransomware can cost a company or agency millions of dollars.
Get to know your IT staff - there are easy workarounds for your needs. Planning ahead also helps. It's never the case where you magically find some software that needs to be installed instantly. Even test driving software takes planning and emailing back and forth with a vendor rep. Working with your IT staff to come up with a procedure for these issues that makes everyone happy can speed up the process. If your staff works with the vendor rep to make sure you have a legitimate download and not some random link emailed to you, that can cut down IT's work. Reps can be good sources for IT staff to make sure they have everything installed correctly. IT staff can never be familiar with all types of software and their needs. Providing them with contacts can speed up installs. I have reached out to Transoft helpline and sales reps to make sure our IT staff gets network installs done correctly.
Even software updates rarely require immediate installations that nobody knew about weeks in advance. Work with your IT to plan ahead so that once an update is out, it can installed on all workstations. Engineers know how to plan ahead - this is what we live for.
The only balance is making cybersecurity a priority. I still get phishing phone calls asking about our printers and names and contact information of managers. There are constant attacks via email, firewalls, etc. Don't let your guard down!
------------------------------
Yance Marti P.E., M.ASCE
Civil Engineer IV
City of Milwaukee
Milwaukee WI
Original Message:
Sent: 02-14-2023 11:07 AM
From: Christopher Seigel
Subject: Balancing Cybersecurity and Workflow: What Are the Trade-Offs?
Cybersecurity has become a top priority for businesses of all sizes. Companies are increasingly investing in various security measures to protect their sensitive data and systems from cyber-attacks. However, these measures often come at a cost – workflow interruptions.
One of the most frequent issues I run into now is the inability to install or update software without submitting an IT ticket. I work on a team that routinely explores new H&H modeling software, or compares new and old versions to evaluate bugs and performance differences. Constantly sending tickets to the IT department just to click "accept" on an install for another piece of software is something that neither party wants to deal with. However, I also realize that one wrong exe file can bring down and entire network.
<o:p> </o:p>
How can we strike a balance between workflow interruptions and security?<o:p></o:p>
------------------------------
Christopher Seigel P.E., M.ASCE
Civil Engineer
------------------------------