Corrections or additions?
These articles by Kathleen McGinn Spring were prepared for the June 13, 2001 edition of U.S. 1 Newspaper. All rights reserved.
Computer Security’s New Dimension
Gary Lynch’s first computer security job involved
a mass murderer who chopped prostitutes into tiny pieces. The year
was 1978, computers were kept in locked rooms, and the axe-happy guy
also happened to be in charge of night shift computer operations at
Blue Cross, where Lynch held the brand new title of electronic data
processing auditor. The powers that be at the company were “concerned
about this person having full authority over the mainframe,” says
Lynch. It was not all that easy to trace computer transactions back
then, but Lynch did a check and turned up nothing nefarious. “He
was considered a good employee,” Lynch says. “I never found
anything.”
Twenty-three years and several computer revolutions later, Lynch owns
a Morristown-based computer security company, Technology Risk Advisors,
which helps companies work at security issues that go way beyond figuring
out whether murderers messed with the mainframe before being carted
off to jail. He speaks on “How Secure Are You?” as part of
a panel on computer security issues at the New Jersey Technology Council’s
CIO Peer Network Program on Tuesday, June 19, at 8:30 a.m. at the
Morris County Fire Fighters & Police Training Academy. Cost: $40.
Call 856-787-9700.
Lynch says he “accidentally fell into security,” and has been
trying to fight his way out ever since. “I was a financial auditor
when I was young,” he says. “I counted cash in vaults.”
He was also a computer programmer. The combination appealed to companies
just starting to put their data into computers, and a head hunter
recruited him for the job at Blue Cross.
Back then, nearly 25 years ago, “there was no such thing as computer
security,” Lynch says. “All the computers were locked up in
a room. They were not accessible to the outside world.” For the
most part, computers in businesses were used to crunch numbers at
night. “Customers never had access,” Lynch says, “and
employees had limited access.”
As access opened up, computer security became a big issue. Lynch,
in on the ground floor, went on to become head of security for Chase
Manhattan and for Prudential, and launched a computer security department
for the Gartner Group. Most recently, before founding his own company
one year ago, he ran Ernst & Young’s security practice in the Metro
New York area.
As Lynch traces the history of computer use in offices, it becomes
clear why security concerns mushroomed as the machines evolved. “In
the early-80s,” he recalls, “companies began to give privileged
employees access, but only on site.” Then, more and more work
was shifted to computers. Everything from drawings to sophisticated
logic to legal briefs moved from drafting tables and legal pads to
software. More employees had access to the company’s computers, and,
at the same time, companies “began to give access to privileged
people in other sites.”
“Then,” Lynch says, “we had the PC revolution in the mid-1980s.
Everybody had access to offload from mainframes. People became very
creative.” Worlds of possibilities opened, Lynch says, but the
seeds of future security nightmares were sown as companies threw open
access, but “decided to do it with no rules.” The PC revolution
that put a computer on every desk was followed by a trend toward sharing
and collaboration where local area networks (LANs) linked employees,
and sometimes vendors and business partners too.
As important as these milestones were, Lynch says, “The real revolution
came with connectivity.” This, he says, for the first time allowed
people the company did not even know, people who in many cases were
unknowable, to get information. “The focus was on the customer,”
he says. “There was a push beyond employees and business partners.”
“Knowledge has become a business weapon,” says Lynch. The
question is how to control it. Businesses are concerned with customer
relations management (CRM), transactions executed online, intellectual
property sharing, and access to data. And they all now know that they
need computer security. There are 2,000 companies selling more than
4,000 computer security products, and Lynch says businesses no longer
have to be sold on the need to buy a good number of them, often from
small, highly-specialized companies.
Corporations are spending a lot on security, Lynch says, but they
“never reach the finish line.” They buy and buy, but never
quite sew up all the holes in their systems. Lynch’s nine-person company
is building a business on helping clients — most often COOs, CEOs,
and CFOs — figure out where the finish line is, and how to cross
it.
Securing computerized data is so complex that even the location of
a security finish line is extremely elusive. How secure is secure
enough? Some security measures, 128-bit encryption for example, are
extremely expensive. Is it necessary? And if so, should it be deployed
for all data? For all computer functions? Lynch says companies have
to decide “how high do we place the bar?”
Key considerations include the following:
Where do customers want the bar?Where do regulators want the bar?Where do business partners want the bar?Where are competitors setting the bar?What are your auditors telling you?What are you seeing as security breaches in your industry?Once security parameters are set, they need to be enforced inan ever-shifting environment. Lynch says the vulnerabilities he sees”over and over” are caused not by technology, but by whathe calls “process breakdowns,” which boil down to carelessnessby the computers’ human masters. “It’s simple things,” hesays. “It’s installing new software, and not resetting defaultpasswords, or not applying patches to fix weaknesses. It’s not stayingup to date.”Beyond sloppy installation, the biggest security issue, Lynch says,is that “companies don’t want to take a lot of time to integratesecurity solutions into operations systems.” A company, for instance,will install intrusion detection, and then keep incident reports withinthe IT department. Security, Lynch says, “should be woven intothe fabric of the company, and integrated into day-to-day processes.”The day when a company’s biggest worry was that one of the handfulof employees entrusted with the key to the mainframe room might havecriminal tendencies is long gone. Now computers are everywhere, andso are security issues.Top Of PageAfter a Lay-Off, Move OnB>Dina Lichtman was a senior executive in the humanresources department of a medical equipment rental company. She hadbeen with the company for nearly 16 years when a group of venturecapital investors took it private. The new investors decided on substantialchanges. “One year ago today, everyone from the CEO through seniorvice presidents was let go,” she says. “I was the victim ofa downsizing.”Happily re-settled as vice president of career management at RightManagement Consultants, a global career transition firm with officesin Forrestal Village, Lichtman has not forgotten how it felt to betossed from a job she had held so long that her children, ages 22and 24, had no memory of her doing anything else. “I couldn’tget past it,” she says. “I kept saying `This was 16 years.’It was a shock, a trauma. It was hard telling people.”Lichtman offers advice to others who may one day be in her positionwhen she speaks on “Repositioning Your Career in a Changing World”on June 20, at 7:30 a.m. at a meeting of the Princeton Chamber ofCommerce at the Nassau Club. Cost: $21. Call 609-520-1776.”It wasn’t even financial,” Lichtman says of her lay-off.She had been given a substantial severance package and didn’t needto work right away to pay the bills, but even so, she found it difficultto get over the dismissal. “I kept looking behind me,” shesays. “I kept wondering if I should have done anything differently,if I should have been more aggressive with the new management.”It was six months before she began a job search in earnest.Now Lichtman works with people like herself, executives who find themselvesout of a job. She urges them to take time to think about what partsof their former jobs they liked, and what parts they would be happynever to have to do again. That is how she arrived at her currentjob, which she landed just two months ago.A “poor kid from Philly,” Lichtman attended Temple Universityon scholarship, earning a bachelor’s degree in secondary education(Class of 1969) and a master’s degree and doctorate in psycho-educationalprocess, now called educational psychology. She had worked as a psychologistas well as a human resources executive, and after her lay-off sherealized she did not want to “shuffle paper” anymore. No moregovernment reporting forms for her, she decided. What she liked abouther work was human interaction, “role playing, interviewing, executivecoaching.” She narrowed her job search to concentrate on positionsfull of client contact, and short on paperwork.Her new employer works for corporations, giving their downsized executivescoaching in finding a new job, and business is up. A lot. Right Managementis seeing 30 to 50 percent more people this spring than it did lastspring as a number of industries, telecommunication and the Internetamong them, trim employees. Lichtman says, even now, a good two decadesafter “downsizing” first entered corporate lingo, employeesoften are shocked to find that hard work and longevity are not enoughto guarantee a spot on the company roster.”It used to be a social contract,” Lichtman says. “I doa good job, and you’ll keep me forever.” Not only is that contractout the window, but length of service as an anchor is gone too. Newlylaid-off executives, still in shock, tell Lichtman how long they hadbeen with their employer as if the years were charms they believedwould keep the axe away. “It doesn’t matter anymore,” shesays. “There are no guarantees.”The result, Lichtman says, is that the laid-off people she sees areno longer willing to make work their life. Many thought a short-termsacrifice of family, outside interests, and personal time couldn’thelp but make them stars, forever valued at work. When, instead, theywere shown the door, many vow not to repeat the mistake. Lichtmansays, “More and more, people say, `I’ll do a good job, but equally,if not more, I will value family time, community time, and personaltime.’”But no matter how they decide to work, the jobless executives Lichtmansees do need to get to work, and it is her job to help them find one.Here is her advice for conducting a job search after a lay-off, andusing the event to build a stronger, more resilient career.Take a deep breath. “Don’t do anything right away,”Lichtman advises. “Step back, reflect a bit, take seminars, decompress.”Rushing into a job hunt before the shock of a lay-off has worn off,sending off hundreds of resumes willy-nilly, and going into interviewsunprepared is rarely the way to find a really good fit in a new job.”I had a young woman this morning,” Lichtman says. “Shereported she had just gone on an interview.” This job candidatehad summed up her skills by telling the prospective employer “`Ican do everything!’” Bad move, Lichtman says. “No one wantssomeone who can do everything.”Get to know yourself. A little reflection might have helpedthe hapless interviewee understand what strengths she could bringto a job, and what she wanted the job to do for her. Right, like manyfirms that work with downsized employees, offers a range of teststo assess clients’ talents, personalities, and preferences. And anew test is being added. Lichtman says her firm will soon start offeringa tool to measure clients’ tolerance for stress. She says all jobhunters should think about what it is they want in a job, besides,of course, a manageable stress level. “Is it money, time, leadership?”she urges them to ask. Being unemployed for a time can be an opportunityto find a better job fit, but only if the laid-off employee takesthe time to think about what would make a job ideal for him.And that is not as easy as it sounds. “Very senior folks hidebehind the jobs,” Lichtman says. “To be out there and haveto look at what you really like, it’s hard.”Forget pre-conceptions. Many of Lichtman’s clients areembarrassed about their lay-off, thinking others will assume it wassomehow their fault. Relax, she says, there is no longer a stigmaattached to losing a job. Neither, she is finding, is there is muchof a stigma attached to age as there was. “I think it’s changing,”she says. “Employers are looking for wisdom and experience.”Older job hunters — like their young competitors — need todemonstrate creativity, energy, competence, and an ability to adapt.If they do so, they may find age is not much of a problem for recruiters.”I was offered a job by a 30-year-old at an Internet company,”Lichtman says by way of example. Her firm has clients who are in theirearly-60s, and she says they are doing well in finding good jobs.Design a marketing campaign. While Lichtman says recentlylaid-off workers need time to adjust, she also says they like to have”a tangible product” in their hands. Working up a first-rateresume, not a historical document, but an embodiment of who they are,is a confidence builder, and an important first step in a self-marketingcampaign. Work on interview skills also is important, as is polishinga personal presence, but the most essential part of the campaign isnetworking.Up to 85 percent of jobs are never advertised, Lichtman says. Shehas her clients ferret them out by listing 100 people they know. Yes,she says, absolutely everyone knows at least 100 people. Count thehairdresser, and her receptionist too. Then get in touch with eachand every one. Tips, she says, can come from anywhere.Negotiate for a great package. “People are petrifiedto ask for more money,” Lichtman says. “There’s a reason professionalathletes have agents.” She has been amused to find that top salespeople,pros who can sell anything, choke when it comes time to negotiatetheir own salaries.Keep on managing your career. Gaining ground after theupset of a lay-off does not end with landing a good job. The lay-offshould serve as a wake-up call, alerting the executive to a changedwork environment. Mergers, acquisitions, falling profits, changedpriorities, plant closings; any or all of the above could cause thenew job to crater. Or the new job could prove to be unsatisfying.Employees need to take charge, keep their resumes up to date, scanthe horizon for new opportunities, and, most important of all, keepon networking.”Ultimately,” says Lichtman, who is both happier andwiser after her own lay-off, “you are in charge of your own destiny.”Previous StoryCorrections or additions?This page is published by PrincetonInfo.com— the web site for U.S. 1 Newspaper in Princeton, New Jersey.
