How solving your I.T. problems frees your time for high-level, meaningful work and more $$$

How solving your I.T. problems frees your time for high-level, meaningful work and more $$$

“Listen, I spend probably 15% of my day dealing with dumb stuff,” Lisa said.?

“Like what?” I asked.

“Like printer issues or our ERP? system running slow. People call me up and complain. I never seem to be able to get on the other side of it, and our I.T. people fix it for a little bit, but everything comes back.”

Lisa wasn’t hired for any of this; she was compelled to help because of the “overlap” with her construction operations responsibilities.?

“We’re drowning because we don’t have enough processes in place, and I don’t have enough time or energy to work on processes. The CEO is really frustrated too,” she continued.

So instead of working on new lines of business, which she admitted would make their company more money (“a lot more”), she was stuck piddling away her time on recurring I.T. dumpster fires.

I asked her to imagine being able to take that 15% of her weekly time and reallocate it to her actual work — shedding all that frustration and angst as well . How much would ridding herself (and everybody else in the company) of that pain be worth?

“If you could write a check to eradicate these issues or at least limit them to maybe 5% of your time and free you to tackle high-level, meaningful issues, would you do so with a smile on your face?”

“Well, duh,” she said. (I’m paraphrasing.)

We set a target of six months to whip her company’s I.T. into tip-top shape. We did it in three. Lisa now spends less than 3% of her time on I.T. and is free to kick butt and take names on stuff that actually moves the needle for her business.

This example, which is one of countless examples I have in my back pocket, illuminates the all-too-common oversight of indirect costs.

If you take Lisa’s recurring 15% I.T. time investment at face value, as a simple fraction without context, it may not seem like a big deal.

But imagine wading through a swamp for 15% of your day. And then trying to get down to real business. Or, more accurately, imagine trying to complete your regular work while being interrupted over and over, for a sum of 15% of each work day. With nothing to show for those interruptions.?

Imagine how ticked off you’d be. How demoralized. How behind you’d fall on other work. How overwhelmed you’d become as chaos constantly nipped at your elbows, making efficiency an impossibility, planning a crap heap, and growth a sluggish slog.?

Let’s take this further. Because issues like this never happen in isolation, and they’re never just about the actual issue.?

If people like Lisa and her boss and companies like the one she works at are common (and we all know they are), and everybody at them knows things aren’t working, then why don’t they do anything about it? Why accept endless, unproductive pain when there’s a better way?


Fear.?

  • “How can I be sure I can trust a different I.T. vendor? Ours has reamed us and delivered next to nothing for years!”
  • “How can I implement changes and overhaul everything when I’m already so overwhelmed and close to a breaking point?”
  • “What if I spend more money on ‘better’ help and everything gets exponentially worse?”
  • “Is this really a big deal? We’re fine limping along like this. It’s the way we’ve always done it.”
  • “What if better processes eliminate the crutch (namely, my position) that we’re all using to survive?”
  • What if better I.T. support shows us 5,146 other ways we’re failing that we didn’t even know about?
  • Can we just wait to take care of this until something catastrophic happens?


Are you still with me, or did you already run screaming into the distance?

And did I write “fear”? I meant terror. But remember that you’re in good company. We’re all terrified of change. Change is usually when choice — our senses of agency and autonomy — is ripped out of our hands and life becomes immeasurably more painful. Divorce, death, illness, relationships ending, job loss, a pandemic, when someone eats the last of our ice cream, etc.

But if change is something we’re choosing, then it has a much better chance of being for our good. Of breaking bad habits. Establishing healthy norms. And eradicating needless risk, pain, and overwhelm. And because we’re perfectly capable of identifying the pain (it’s our daily reality, after all), we’re also best suited to find the solution.?

Finally, if the “system” you’re using isn’t working anyway, it’s something worth losing. If needed, it’s even worth making more mistakes and failures to end for once and for all. But with the right help, mistakes and failures won’t be a part of the solution.?

And it might take less time to turn things around than you think.

Phishing: Prevention and Mitigation

And why cybersecurity training platforms are useless unless you’re doing this one simple thing

What's your first line of defense against phishing attacks?

I’ll give you a hint. It’s starts with a “p” and ends with “eople.” Yes, people.

Because phishing is the most common data breach vector and costs organizations an average of nearly $5 million, prevention and mitigation are critical. There are four concrete ways you can protect yourself as well as one simple thing that will make any and all of your efforts useless or extremely ineffective.


Four Ways to Prevent and Mitigate Phishing Attacks

1. Teach your users how to recognize the signs of phishing attempts. This is easily done through a cybersecurity training platform as well as regular communication and other recurring re-education methods.

2. Teach your users how to respond to phishing attempts and how to report them to IT or your security team. These can also be communicated through a training platform and should be routinely revisited.?

3. Create policies and practices to make it harder for phishers to be successful. Examples include:

  • No initiating money transfers by email.
  • Type a URL directly into a browser instead of clicking links.
  • Call a direct office line instead of replying to texts from unknown numbers.


4. Use security tools to detect and thwart phishing attempts. This includes but isn’t limited to:

  • Spam filters and email security software
  • Antivirus and antimalware software
  • Multi-factor authentication
  • Endpoint security tools like endpoint detection and response and unified endpoint management solutions
  • Web filters to prevent users from visiting malicious websites or to alert them of suspicious pages
  • Enterprise cybersecurity solutions: security orchestration, automation and response (SOAR) and security information and event management (SIEM) platforms use AI and automation to detect and respond to threats.


The Most Important Phishing Prevention Method

Here’s the one big catch to these prevention and mitigation measures. Most cybersecurity training platforms are treated like a school that nobody actually has to attend. Nobody is holding users accountable (we sure can’t; we don’t have the authority).?

We often tell compliance clients, “Hey, your average completion score across employee base is X (abysmally low). Are you okay with that? Your people are easy targets.” But if they don’t implement some form of accountability, be it reminders in all-hands meetings, making completion a component of performance reviews, and/or designating a risk owner somewhere in the organization who addresses it with the staff, there’s nothing we can do.

Please don’t let this be you. Cybersecurity training platform use is a simple, easy, low-time-investment means to protect yourself against the most common way hackers are getting into organizations. They’re counting on your passivity…and your people’s ignorance of how they attack.?

If you have questions about phishing prevention and mitigation, feel free to email us at [email protected] or call (332) 217-0601.?

We'll cover signs of a phishing attack in our next newsletter.


要查看或添加评论,请登录