It’s that time of year again. Cyber Monday has arrived, and recent survey results say that 50% of Americans do some holiday shopping from work. (This number is actually down from 52% last year.)
This topic is not new, and I find it interesting to look back at the (brief) history of Cyber Monday in America. Four years ago, Government Technology Magazine asked what government organizations should do about Grinch.exe? The five suggestions are still fairly relevant; however, new advice is offered elsewhere around smartphones.
Back in 2006, I wrote that Christmas gifts can bring security woes. This is still true. Here’s a blog excerpt:
This has been going on for years. Toys that are opened on Christmas morning soon find their way into work. Historically, PDAs, cellphones, new software, even games and movies, have caused us problems. One colleague told me that January was always his worst month for security problems because of these Christmas presents.
A year later, I wrote this blog at CSO.com on the Cyber Monday topic and concluded by writing:
So my question to readers is what is your organization doing about this trend, besides issuing policies?
In Michigan, we send reminder e-mails to staff reminding them regarding holiday e-cards and shopping online hazards. We also monitor the traffic and behaviors of our employees.
We try our best to do each of the things recommended by the Center for Digital Government – with many controls in place, but we're certainly not perfect. Can you share any experiences?
This closing still seems appropriate to me in 2011. While our Michigan government acceptable use policy clearly states that computer network use is for official business, we allow local supervisors to use discretion in applying the rules. Our central cyber team only flags blatant violations of acceptable use, and we provide that information to the HR teams in each business area, as appropriate, for follow-up actions.
By the way, I've already received several emails for special "deals" on Cyber Monday, so I fully expect employees to be tempted to click to go after "one-off" deals during this week and the holiday season.
So I ask again, can you share any Cyber Monday experiences (from this year or from the past)?
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.