Issue link: https://nebusinessmedia.uberflip.com/i/1511216
wbjournal.com | November 13, 2023 | Worcester Business Journal 19 By Janelle Drolet Janelle Drolet is vice president of sales and operations for Towerwall, a cybersecurity consulting firm based in Framingham. 10. Isolate infected systems. Just as we had to quarantine for Covid infections, power down compromised endpoints to avoid spreading the contagion to other parts of the network. 9. System recovery. Create, review, and exercise a system recovery plan to ensure the restoration of services as part of a comprehensive disaster recovery strategy. This may involve using backups, reinstalling software, or patching vulnerabilities. Perform periodic testing and evaluate the backup plan. Test and test again. 8. Forensics. Assess the damage and root cause of the breach. Did a user click a bogus link or download a malware-laden file? Were credentials stolen by a successful phishing or social engineering scam? 7. Notify authorities. The federal government requires reporting of cybercrimes. Contact the local FBI, file a report with CISA (Cybersecurity and Infrastructure Security Agency): CISA exists to protect organizations from cyberattacks and respond to incidents. Report to FinCEN (Financial Crimes Enforcement Network), which receives reports of suspicious financial activity, including ransomware payments. 6. Patch systems. Apply all available software updates immediately. Automate the process as much as possible because threat actors create exploits soon after a patch is released. Use a reliable update service provided directly from the software vendor. 5. Prepare for emotional fallout. Cyber-attacks can cause feelings of distress, anger, guilt and fear among employees. 4. Change passwords. Suggest using a popular password manager to store and generate unique and complex passwords for every online account. Activate multi-factor authentication (MFA) options; these should default to being turned on but are not generally. 3. Train security awareness. Educate employees about the attack. This will help them to be more aware of the risks and to identify and report suspicious activity. 2. Review security policies. This may include deploying new security controls, increasing security monitoring, and conducting regular penetration tests both inside and out. Regularly test your incident response plan (IRP) to avoid chaos and confusion should an attack occur by performing tabletop exercises. 1. Engage experts. A cybersecurity expert can help the organization report and investigate the attack, develop a remediation plan, set up threat detection controls, test systems for weaknesses, set policies and procedures, and implement practical security measures. K N O W H O W e future is now BY EMILY MICUCCI Special to WBJ C ompanies know they need to invest in diversity, equity, and inclusion, but achieving a truly inclusive workplace is something many human resource managers find elusive. True inclusion transcends hiring practices. It's about making sure all em- ployees feel welcome, valued and heard. Short of that, companies may fall into what Forbes calls "tokenism" – thinking that if they hire a few minority candi- dates or add a woman to the C-suite, they've done their job. Here are some keys to achieving real inclusion. Think outside the box. Hiring people from diverse racial and ethnic back- grounds will strengthen any team. Women and LGBTQ+ candidates bring needed perspective to an organization. But what about those who are disabled, religious minorities – even new parents? Ensuring you reach people with different life experiences – whether with an accommodation or a support group – reduces isolation and increases engage- ment. Employers may even consider upgrading mother's rooms or rethinking common spaces for those with physical disabilities. "When companies value employees with diverse backgrounds, it shows employees that their unique qualities are assets to the team rather than something to hide," says Top Work Places, publish- er of the Energage Workplace Survey. Respect traditions. Top Work Places suggests offering paid-time-off policies to allow employees to celebrate their own religious holidays. Keeping office parties nondenominational doesn't mean you have to avoid religious or cultural traditions at work. Asking em- ployees to share their traditions, perhaps with a special dish during a monthly lunch or through an employee newslet- ter highlighting what different people celebrate, is festive and engaging. Banish cliques. Consider an egalitar- ian approach to work socialization. If there's a regular outing aer work, send an office-wide invitation. Actively work to make sure all employees feel they belong on the team. 10 THINGS I know about... ... Cyber attacks W O R K P L A C E I N C L U S I O N Delcie Bean is CEO at Paragus Strategic IT with offices in Worcester and Hadley. Reach him at dbean@paragusit.com BY DELCIE BEAN Special to WBJ I n today's rapidly evolving business landscape, the term "Artificial Intelligence" or "AI" is no longer confined to the realms of science fiction or the exclusive domain of tech giants. As the CEO of a Managed Service Provider (MSP) serving small and medium businesses, I've witnessed first-hand the transformative power of AI tools like ChatGPT. For small businesses, the adoption of AI isn't just a competitive advantage—it's fast becoming a necessity. Imagine a tool that can assist with customer inquiries around the clock, analyze vast amounts of data in seconds, or even help draft content. That's AI for you. Tools like ChatGPT can be seamlessly integrated into your business operations without the need for expensive consultants or extensive IT knowledge. Here are some immediate use cases: Customer support: Deploy chatbots to handle routine inquiries, freeing your human resources for more complex tasks. Data analysis: AI can sift through large datasets, identifying patterns and insights that can drive business decisions. Content creation: Tools can assist in drafting content, from emails to PowerPoints, saving hundreds of hours a year. While AI's capabilities are vast, it's crucial to understand its limitations. AI excels at tasks with clear patterns and data, but it can't replace human intuition, creativity, or ethical judgment. For instance, while AI can analyze customer sentiments, it can't understand the nuances of human emotions. It's a tool, not a replacement for human expertise. In the age of digital transformation, businesses that fail to adapt risk obsolescence. If you're not leveraging AI, but your competitor is, they have a distinct advantage. ey can serve customers faster, make more informed decisions, and operate more efficiently. As business leaders, the onus is on us to champion the adoption of AI, ensuring our businesses remain competitive and future-ready. One of the most common misconceptions is that AI is expensive and out of reach for small businesses. This couldn't be further from the truth. Many AI tools are open-source or available at affordable rates. The real investment is in understanding its potential and integrating it into your business processes. Every executive, especially the CEO, must recognize AI's potential and take the lead in its adoption. It's not just about staying updated with technology; it's about envisioning a future where AI and human intelligence work in tandem to achieve business excellence. To the business owners and high- level employees reading this: AI is not a distant dream. It's here, it's accessible, and it's transformative. I urge you to explore its potential, not just as a business tool but as a strategic ally in your growth journey. And remember, as you navigate this exciting frontier, you're not alone. Consider me, and professionals like me, as resources to guide and assist you in this transformative journey. The future is AI. Let's embrace it together. W W Demystifying AI for small businesses W