Pre-COVID: the name of the game was digital transformation, agility, or optimization. Whilst all of those initiatives are still relevant and ongoing, the pandemic has forced many of us to focus on resilience through whatever forms of disruption we may encounter in the future. COVID-19 measures have changed the way we work and, regardless of whether these changes are temporary or a paradigm shift, we are presented with new challenges. Encouragingly, some of these new challenges have been addressed with innovative solutions to not only resolve the issues today but to also strengthen the overall infrastructure and response for tomorrow.
During this time, cybersecurity concerns have grown as a result of many factors, not least of which is a direct result from individuals being sentenced to work from home. From an industry perspective, companies are also more vulnerable to cybercrimes as they try to operate as much as possible remotely or face temporary or even permanent closures. Taking the valuable lessons learned during an exceptional time, what are the key steps to build a stronger, resilient system? Taking a step back, what are some key vulnerabilities companies should address?
Dr. Madnick involvement in cybersecurity research goes back to 1979, when he co-authored the book Computer Security. Currently, he heads Cybersecurity at MIT Sloan: the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, formerly (IC)3.
Dr. Madnick holds a Ph.D. in computer science from MIT and has been an MIT faculty member since 1972. He served as the head of MIT's Information Technologies Group in the Sloan School of Management for more than 20 years. He is the author or co-author of more than 400 books, articles and reports. Besides cybersecurity, his other research interests include Big Data, semantic connectivity, database technology, software project management and the strategic use of information technology.
Dr. Madnick has been active in industry as a developer of IBM's VM/370 operating system and Lockheed's DIALOG system. He has served as a consultant to major corporations and has been the co-founder of five high-tech firms and currently operates the 14th-century Langley Castle Hotel in England.
The COVID-19 pandemic has sent a shock wave through the global system that most of us were not fully prepared for. With some luck and progress on a vaccine and other medications, this crisis will diminish. But there are other threats, that like COVID-19, could occur without much warning, how well prepared are we for them? How resilient are we? Most of us have heard about the frequent and mildly annoying cyberattacks that have stolen our credit card information and created other minor disturbances. But like California awaiting the "big quake," how well prepared will we be for the "big cyber quake"? In this session we will discuss the possible risks and a method, referred to as cybersafety, for increasing our resilience by more fully identifying and mitigating these cyber risks.
Dr. Keri Pearlson is the Executive Director of the research group Cybersecurity at MIT Sloan (CAMS). Dr. Pearlson has held positions in academia and industry including Babson College, UTexas-Austin, Gartner’s Research Board, CSC, Hughes Aircraft Company, and AT&T. Her research studies topics at the intersection of MIS, business strategy and organizational design. Her current research projects focus on how organizations build a culture of cybersecurity, how to manage the cybersecurity vulnerabilities of AI/ML systems and how organizations build trust to share mitigations for cyber breaches. She’s the lead author of the popular MIT textbook: Managing and Using Information: A Strategic Approach (7th edition published Jan.2020) and co-author of Zero Time: Providing Instant Customer Value. She has written dozens of papers and case studies, many of which included ground-breaking work which has influenced how managers and leaders think about, and manage, information. Dr. Pearlson holds a Doctorate in Business Administration (DBA) in MIS from Harvard Business School and a Masters (MS) in Industrial Engineering and Bachelors (BS) in Mathematics from Stanford.
Almost everyone is working from home these days and it's created a strange, chaotic environment for each of us, our organizations and for our families. As we all learn how to communicate, share Wi-Fi, and take meetings remotely, we must also think about keeping ourselves, our teams, and our families cybersecure. Did you know that the most common way the malicious actors do damage is through fake emails and websites that unsuspecting people like us click on? Technology won't keep our organizations and our family secure enough-- our behaviors will. Managers think that training will drive appropriate behaviors, since it ‘teaches’ everyone what they should and should not do. But research shows that training is not enough. Sloan research from CAMS (cams.mit.edu) on building a culture of cybersecurity addresses this need. Culture is made up of the organization’s values, attitudes and beliefs which are shaped by external factors such as industry and societal norms, and a number of mechanisms that every manager, and anyone working from home, can put in place. In this session, we will discuss some of the current ways malicious actors are trying to get our money, steal company data and infiltrate our systems. We will also talk about actions you can take tomorrow to both raise awareness and change behaviors of those around you to keep everyone more secure.
There is an ethical tension between security and privacy, with cybersecurity adding an additional complicating dimension. In this session we will discussion these issues with actual examples, many of which are actively in the news - but not always noticed or fully understood. These pose both opportunities and challenges for us, both as managers and individuals, to develop positions that we can defend and that will allow us to make effective decisions.