Corrections or additions?
These articles by Kathleen McGinn Spring were prepared for the June 13, 2001 edition of U.S. 1 Newspaper. All rights reserved.
Computer Security’s New Dimension
Gary Lynch’s first computer security job involved
a mass murderer who chopped prostitutes into tiny pieces. The year
was 1978, computers were kept in locked rooms, and the axe-happy guy
also happened to be in charge of night shift computer operations at
Blue Cross, where Lynch held the brand new title of electronic data
processing auditor. The powers that be at the company were "concerned
about this person having full authority over the mainframe," says
Lynch. It was not all that easy to trace computer transactions back
then, but Lynch did a check and turned up nothing nefarious. "He
was considered a good employee," Lynch says. "I never found
Twenty-three years and several computer revolutions later, Lynch owns
a Morristown-based computer security company, Technology Risk Advisors,
which helps companies work at security issues that go way beyond figuring
out whether murderers messed with the mainframe before being carted
off to jail. He speaks on "How Secure Are You?" as part of
a panel on computer security issues at the New Jersey Technology Council’s
CIO Peer Network Program on Tuesday, June 19, at 8:30 a.m. at the
Morris County Fire Fighters & Police Training Academy. Cost: $40.
Lynch says he "accidentally fell into security," and has been
trying to fight his way out ever since. "I was a financial auditor
when I was young," he says. "I counted cash in vaults."
He was also a computer programmer. The combination appealed to companies
just starting to put their data into computers, and a head hunter
recruited him for the job at Blue Cross.
Back then, nearly 25 years ago, "there was no such thing as computer
security," Lynch says. "All the computers were locked up in
a room. They were not accessible to the outside world." For the
most part, computers in businesses were used to crunch numbers at
night. "Customers never had access," Lynch says, "and
employees had limited access."
As access opened up, computer security became a big issue. Lynch,
in on the ground floor, went on to become head of security for Chase
Manhattan and for Prudential, and launched a computer security department
for the Gartner Group. Most recently, before founding his own company
one year ago, he ran Ernst & Young’s security practice in the Metro
New York area.
As Lynch traces the history of computer use in offices, it becomes
clear why security concerns mushroomed as the machines evolved. "In
the early-80s," he recalls, "companies began to give privileged
employees access, but only on site." Then, more and more work
was shifted to computers. Everything from drawings to sophisticated
logic to legal briefs moved from drafting tables and legal pads to
software. More employees had access to the company’s computers, and,
at the same time, companies "began to give access to privileged
people in other sites."
"Then," Lynch says, "we had the PC revolution in the mid-1980s.
Everybody had access to offload from mainframes. People became very
creative." Worlds of possibilities opened, Lynch says, but the
seeds of future security nightmares were sown as companies threw open
access, but "decided to do it with no rules." The PC revolution
that put a computer on every desk was followed by a trend toward sharing
and collaboration where local area networks (LANs) linked employees,
and sometimes vendors and business partners too.
As important as these milestones were, Lynch says, "The real revolution
came with connectivity." This, he says, for the first time allowed
people the company did not even know, people who in many cases were
unknowable, to get information. "The focus was on the customer,"
he says. "There was a push beyond employees and business partners."
"Knowledge has become a business weapon," says Lynch. The
question is how to control it. Businesses are concerned with customer
relations management (CRM), transactions executed online, intellectual
property sharing, and access to data. And they all now know that they
need computer security. There are 2,000 companies selling more than
4,000 computer security products, and Lynch says businesses no longer
have to be sold on the need to buy a good number of them, often from
small, highly-specialized companies.
Corporations are spending a lot on security, Lynch says, but they
"never reach the finish line." They buy and buy, but never
quite sew up all the holes in their systems. Lynch’s nine-person company
is building a business on helping clients — most often COOs, CEOs,
and CFOs — figure out where the finish line is, and how to cross
Securing computerized data is so complex that even the location of
a security finish line is extremely elusive. How secure is secure
enough? Some security measures, 128-bit encryption for example, are
extremely expensive. Is it necessary? And if so, should it be deployed
for all data? For all computer functions? Lynch says companies have
to decide "how high do we place the bar?"
Key considerations include the following:
an ever-shifting environment. Lynch says the vulnerabilities he sees
"over and over" are caused not by technology, but by what
he calls "process breakdowns," which boil down to carelessness
by the computers’ human masters. "It’s simple things," he
says. "It’s installing new software, and not resetting default
passwords, or not applying patches to fix weaknesses. It’s not staying
up to date."
Beyond sloppy installation, the biggest security issue, Lynch says,
is that "companies don’t want to take a lot of time to integrate
security solutions into operations systems." A company, for instance,
will install intrusion detection, and then keep incident reports within
the IT department. Security, Lynch says, "should be woven into
the fabric of the company, and integrated into day-to-day processes."
The day when a company’s biggest worry was that one of the handful
of employees entrusted with the key to the mainframe room might have
criminal tendencies is long gone. Now computers are everywhere, and
so are security issues.
<B>Dina Lichtman was a senior executive in the human
resources department of a medical equipment rental company. She had
been with the company for nearly 16 years when a group of venture
capital investors took it private. The new investors decided on substantial
changes. "One year ago today, everyone from the CEO through senior
vice presidents was let go," she says. "I was the victim of
Happily re-settled as vice president of career management at Right
Management Consultants, a global career transition firm with offices
in Forrestal Village, Lichtman has not forgotten how it felt to be
tossed from a job she had held so long that her children, ages 22
and 24, had no memory of her doing anything else. "I couldn’t
get past it," she says. "I kept saying `This was 16 years.’
It was a shock, a trauma. It was hard telling people."
Lichtman offers advice to others who may one day be in her position
when she speaks on "Repositioning Your Career in a Changing World"
on June 20, at 7:30 a.m. at a meeting of the Princeton Chamber of
Commerce at the Nassau Club. Cost: $21. Call 609-520-1776.
"It wasn’t even financial," Lichtman says of her lay-off.
She had been given a substantial severance package and didn’t need
to work right away to pay the bills, but even so, she found it difficult
to get over the dismissal. "I kept looking behind me," she
says. "I kept wondering if I should have done anything differently,
if I should have been more aggressive with the new management."
It was six months before she began a job search in earnest.
Now Lichtman works with people like herself, executives who find themselves
out of a job. She urges them to take time to think about what parts
of their former jobs they liked, and what parts they would be happy
never to have to do again. That is how she arrived at her current
job, which she landed just two months ago.
A "poor kid from Philly," Lichtman attended Temple University
on scholarship, earning a bachelor’s degree in secondary education
(Class of 1969) and a master’s degree and doctorate in psycho-educational
process, now called educational psychology. She had worked as a psychologist
as well as a human resources executive, and after her lay-off she
realized she did not want to "shuffle paper" anymore. No more
government reporting forms for her, she decided. What she liked about
her work was human interaction, "role playing, interviewing, executive
coaching." She narrowed her job search to concentrate on positions
full of client contact, and short on paperwork.
Her new employer works for corporations, giving their downsized executives
coaching in finding a new job, and business is up. A lot. Right Management
is seeing 30 to 50 percent more people this spring than it did last
spring as a number of industries, telecommunication and the Internet
among them, trim employees. Lichtman says, even now, a good two decades
after "downsizing" first entered corporate lingo, employees
often are shocked to find that hard work and longevity are not enough
to guarantee a spot on the company roster.
"It used to be a social contract," Lichtman says. "I do
a good job, and you’ll keep me forever." Not only is that contract
out the window, but length of service as an anchor is gone too. Newly
laid-off executives, still in shock, tell Lichtman how long they had
been with their employer as if the years were charms they believed
would keep the axe away. "It doesn’t matter anymore," she
says. "There are no guarantees."
The result, Lichtman says, is that the laid-off people she sees are
no longer willing to make work their life. Many thought a short-term
sacrifice of family, outside interests, and personal time couldn’t
help but make them stars, forever valued at work. When, instead, they
were shown the door, many vow not to repeat the mistake. Lichtman
says, "More and more, people say, `I’ll do a good job, but equally,
if not more, I will value family time, community time, and personal
But no matter how they decide to work, the jobless executives Lichtman
sees do need to get to work, and it is her job to help them find one.
Here is her advice for conducting a job search after a lay-off, and
using the event to build a stronger, more resilient career.
Lichtman advises. "Step back, reflect a bit, take seminars, decompress."
Rushing into a job hunt before the shock of a lay-off has worn off,
sending off hundreds of resumes willy-nilly, and going into interviews
unprepared is rarely the way to find a really good fit in a new job.
"I had a young woman this morning," Lichtman says. "She
reported she had just gone on an interview." This job candidate
had summed up her skills by telling the prospective employer "`I
can do everything!’" Bad move, Lichtman says. "No one wants
someone who can do everything."
the hapless interviewee understand what strengths she could bring
to a job, and what she wanted the job to do for her. Right, like many
firms that work with downsized employees, offers a range of tests
to assess clients’ talents, personalities, and preferences. And a
new test is being added. Lichtman says her firm will soon start offering
a tool to measure clients’ tolerance for stress. She says all job
hunters should think about what it is they want in a job, besides,
of course, a manageable stress level. "Is it money, time, leadership?"
she urges them to ask. Being unemployed for a time can be an opportunity
to find a better job fit, but only if the laid-off employee takes
the time to think about what would make a job ideal for him.
And that is not as easy as it sounds. "Very senior folks hide
behind the jobs," Lichtman says. "To be out there and have
to look at what you really like, it’s hard."
embarrassed about their lay-off, thinking others will assume it was
somehow their fault. Relax, she says, there is no longer a stigma
attached to losing a job. Neither, she is finding, is there is much
of a stigma attached to age as there was. "I think it’s changing,"
she says. "Employers are looking for wisdom and experience."
Older job hunters — like their young competitors — need to
demonstrate creativity, energy, competence, and an ability to adapt.
If they do so, they may find age is not much of a problem for recruiters.
"I was offered a job by a 30-year-old at an Internet company,"
Lichtman says by way of example. Her firm has clients who are in their
early-60s, and she says they are doing well in finding good jobs.
laid-off workers need time to adjust, she also says they like to have
"a tangible product" in their hands. Working up a first-rate
resume, not a historical document, but an embodiment of who they are,
is a confidence builder, and an important first step in a self-marketing
campaign. Work on interview skills also is important, as is polishing
a personal presence, but the most essential part of the campaign is
Up to 85 percent of jobs are never advertised, Lichtman says. She
has her clients ferret them out by listing 100 people they know. Yes,
she says, absolutely everyone knows at least 100 people. Count the
hairdresser, and her receptionist too. Then get in touch with each
and every one. Tips, she says, can come from anywhere.
to ask for more money," Lichtman says. "There’s a reason professional
athletes have agents." She has been amused to find that top salespeople,
pros who can sell anything, choke when it comes time to negotiate
their own salaries.
upset of a lay-off does not end with landing a good job. The lay-off
should serve as a wake-up call, alerting the executive to a changed
work environment. Mergers, acquisitions, falling profits, changed
priorities, plant closings; any or all of the above could cause the
new job to crater. Or the new job could prove to be unsatisfying.
Employees need to take charge, keep their resumes up to date, scan
the horizon for new opportunities, and, most important of all, keep
wiser after her own lay-off, "you are in charge of your own destiny."
Corrections or additions?
This page is published by PrincetonInfo.com
— the web site for U.S. 1 Newspaper in Princeton, New Jersey.