Research: 4 Ways Employees Respond to DEI Initiatives

Diversity, equity, and inclusion (DEI) initiatives, such as diversity training, targeted recruiting, and dedicated diversity-focused leadership roles, aim to address inequities, create an inclusive environment, and increase representation of historically marginalized groups. Many organizations globally are investing significant resources into these efforts, often implementing them with a one-size-fits-all approach.

However, these initiatives frequently fall short of their intended outcomes and can even lead to unintended negative consequences. For instance, a policy designed to promote gender diversity in leadership roles might, if not carefully communicated, alienate male employees or expose female employees, fostering division rather than inclusiveness.

The Importance of Employee Responses​

A critical factor influencing the success of DEI initiatives is how employees respond to them. Traditionally, employee responses have been oversimplified into two categories: “resistors,” who hinder DEI initiatives, and “supporters,” who facilitate their implementation.

Recent research published in the Journal of Applied Psychology suggests that this binary view is inadequate. Instead, managers should recognize the nuances in employee responses. Employees often exhibit ambivalence, simultaneously supporting DEI goals while harboring skepticism or discomfort about specific policies or their communication. Labeling these individuals as “against” DEI initiatives oversimplifies their stance and misses opportunities for constructive engagement. Embracing the complexity of employee responses, including ambivalence, is crucial for effectively navigating DEI initiatives.

The Four Ways Employees Respond to DEI Initiatives​

Our research identified a typology of employee responses to DEI initiatives. We conducted three separate online studies with over 1,600 employees across various industries, companies, jobs, geographic areas within the U.S., and demographic groups. Participants had experienced a diversity initiative within their organizations in the last six months.

We sent multiple surveys to each participant, spaced a few weeks apart. The first survey asked participants to describe the diversity initiatives they had experienced, providing detailed insights. Subsequent surveys captured their responses to these initiatives, measuring their thoughts on benefits and required efforts, their feelings (ranging from excitement to sadness), and their behaviors (from active support to active resistance).

Using latent profile analysis, we identified meaningful patterns in participants’ responses, uncovering typical response profiles. We ensured the robustness of these profiles by replicating them in follow-up studies and exploring factors that predict which profile a person will be assigned to, such as personal beliefs.

Key Takeaways for Managers​

  1. Recognize Ambivalence: Understand that employees can simultaneously support DEI goals and feel skeptical about specific policies. Engage with these nuanced responses constructively.
  2. Tailor Communication: Carefully communicate DEI policies to avoid alienating any group. Clear, inclusive communication can prevent misunderstandings and foster a more supportive environment.
  3. Engage Constructively: Instead of labeling employees as “for” or “against” DEI initiatives, engage with their concerns and suggestions. This approach can turn potential resistance into constructive feedback.
  4. Holistic Approach: Consider the broader context of employees’ thoughts, feelings, and behaviors. A holistic understanding of their responses can inform more effective DEI strategies.
By embracing the complexity of employee responses and tailoring DEI initiatives accordingly, organizations can create a more inclusive and supportive environment, ultimately achieving their DEI goals more effectively.

Read the article: https://hbr.org/2024/07/research-4-ways-employees-respond-to-dei-initiatives

Cybersecurity The Future Of The Cybersecurity Profession With The Rise Of AI

Artificial intelligence (AI) is revolutionizing industries from healthcare to manufacturing to agriculture, and cybersecurity is no exception. As AI reshapes possibilities across various sectors, it is also steering the cybersecurity profession in a bold, new direction. This AI-driven transformation will not only alter the daily activities of cybersecurity practitioners but also necessitate new roles and skill sets within the profession.

The Cybersecurity Profession Today​

Globally, several jurisdictions are proactively addressing the expanding skills gap in cybersecurity. They are defining the profession to guide government, industry, and academia in a structured manner.

In the U.S., the Workforce Framework for Cybersecurity (NICE Framework) spans public, private, and academic sectors. It defines seven high-level cybersecurity functions linked to 33 specialty areas and 52 work roles, detailing specific knowledge, skills, and abilities. These functions range from cybersecurity governance to design and development, threat management, operations, analysis, and investigation.

Similarly, the European Cybersecurity Skills Framework (ECSF) outlines 12 cybersecurity professional role profiles, detailing their titles, missions, tasks, skills, knowledge, and competencies. These roles vary from managerial to legal, operational, assurance, and risk management.

In the U.K., the Cyber Security Council defines 16 specialisms in cybersecurity, from managerial to technical. These governmental skills frameworks are mapped to credentials offered by cybersecurity associations, guiding professionals in enhancing their skill sets.

These initiatives are crucial as the cybersecurity profession evolves. The rapid adoption of AI and other emerging technologies, coupled with the creation of larger digital ecosystems and increased sophistication of cyber threats, underscores the need for a holistic set of skills per function. Cybersecurity expertise is essential, but viewing cybersecurity in isolation contributes to many of the failures observed today.

Cybersecurity professionals must understand the business context of the ecosystems they protect to apply or embed cybersecurity effectively. They also need to grasp adjacent domains like audit, privacy, risk, and digital technology governance to ensure cybersecurity aligns with the needs of these domains and is not siloed.

Moreover, understanding emerging technologies like AI is vital. One cannot protect what they do not understand—whether identifying risks, building controls, or conducting forensics and investigations in AI-embedded ecosystems.

Changes Coming to the Cybersecurity Profession​

AI is set to continue transforming the cybersecurity profession in the coming years, but the AI-shaped reality has already arrived.

As highlighted in our whitepaper, "The Promise and Peril of the AI Revolution," AI enables a more sophisticated world of cybercrime. Bad actors are using AI to write malware faster, generate hacking scripts, launch ransomware attacks, and convincingly imitate CEO voices. Concurrently, threats against AI are rising, from algorithm manipulation attacks to privacy breaches.

In this context, the cybersecurity profession will become exponentially more important. But what will it look like?

AI offers unparalleled capabilities to identify threats and patterns, automate real-time responses, swiftly process entire datasets, and accelerate decision-making. This transformation will demand cybersecurity professionals to adapt and evolve, integrating AI knowledge and skills into their repertoire to stay ahead of emerging threats.

The future of cybersecurity is intertwined with AI, and professionals must be prepared to navigate this new landscape. By embracing AI and expanding their skill sets, cybersecurity practitioners can ensure they remain relevant and effective in protecting our increasingly digital world.

Read the article: https://www.forbes.com/sites/forbes...cybersecurity-profession-with-the-rise-of-ai/

Internet of Things (IoT) Securing the modern world of IoT

The Internet of Things (IoT) has seamlessly integrated into our daily lives, from the wireless ATMs of the 1990s to today's smart traffic management solutions. The convenience and efficiency brought by connected devices are undeniable. However, as IoT usage has surged, so have concerns and incidences of cyber-security attacks and vulnerabilities.

Cyber-Security Vulnerabilities in IoT

IoT devices are prime targets for attackers seeking access to corporate networks and personal data. Many devices lack default encryption, creating significant vulnerabilities. Sensitive information can be exposed, taken, and manipulated as it is transmitted between devices. Additionally, unsecured interfaces and a lack of physical security measures make IoT devices susceptible to malware injection and other cyber-attacks.

Distributed denial-of-service (DDoS) attacks can leverage botnets to overwhelm and disrupt unsecure IoT devices. Physical or identity theft can grant attackers access to compromised systems, while unpatched security vulnerabilities in firmware and software present additional opportunities for attack. Hackers exploit these vulnerabilities to disrupt operations, gain unauthorized access, and even launch ransomware attacks—a growing threat, especially for critical industrial and infrastructure systems.

In 2023, research found a 400% increase in IoT and OT malware attacks year-over-year, highlighting the rapid escalation of these threats.

Challenges in Addressing IoT Security

One reason this issue persists is that manufacturers prioritize affordability and streamlined user experiences over robust security features. This has created a breeding ground for vulnerabilities that attackers can easily exploit.

Patch management is another significant challenge. Maintaining the security and functionality of networked devices requires regular updates, but the diverse range of IoT devices complicates this task. Each product may require a unique patch, making it difficult for administrators to track and apply numerous updates across vast networks. Unpatched vulnerabilities can be exploited by malicious actors, leading to security breaches, data theft, and compromised networks.

Enhancing IoT Security

Despite these challenges, there are effective methods and technologies to enhance IoT security.

AI and Real-Time Threat Detection

Artificial intelligence (AI) and machine learning (AI-ML) are increasingly important for real-time threat detection and response (TDR). By analyzing vast quantities of data at speed, AI can identify trends, abnormalities, and possible security breaches. AI-driven security solutions for IoT networks can monitor and control connected devices, speeding up threat identification and mitigation. However, AI tools should not be relied upon solely.

Zero Trust Strategy

Implementing a comprehensive Zero-Trust strategy is crucial. This strategy secures an organization by removing implicit trust and requiring validation at each stage of a digital interaction. Blockchain, built on Zero-Trust principles, offers significant security potential for the IoT market. It enables coordination between devices, tracks these devices, and processes transactions efficiently.

A well-designed Zero Trust strategy should consider all IoT devices and internet-connected systems across a business and clearly delineate responsibilities for managing these technologies.

Conclusion

While IoT brings immense benefits, it also presents significant cyber-security challenges. By leveraging AI for real-time threat detection and implementing a comprehensive Zero Trust strategy, organizations can enhance the security of their IoT networks and devices, mitigating the risks and harnessing the full potential of IoT technology.

Read the article: https://www.business-reporter.co.uk/improving-business-performance/securing-the-modern-world-of-iot

Widespread Azure Outage Impacting CompTIA Websites

Just an FYI there is a significant Azure outage that is impacting CompTIA and many other websites and services. We have posted communications on social media, as per the picture below. This is impacting the ChannelCon site, which includes registration. Azure failover protocols are not working as designed. Microsoft is actively working on this and we are monitoring events in real-time and have all necessary hands on deck. We apologize for any inconvenience, and thank you for your patience.
1721353609886
This issue is now resolved and all CompTIA websites are functioning properly.

Widespread Azure Outage Impacting CompTIA Websites

Just an FYI there is a significant Azure outage that is impacting CompTIA and many other websites and services. We have posted communications on social media, as per the picture below. This is impacting the ChannelCon site, which includes registration. Azure failover protocols are not working as designed. Microsoft is actively working on this and we are monitoring events in real-time and have all necessary hands on deck. We apologize for any inconvenience, and thank you for your patience.
1721353609886

Cybersecurity The Future Of Cybersecurity: Emerging Threats And How To Combat Them

Read Word
The Evolving Landscape of Cybersecurity: Emerging Threats and Best Practices
Cybersecurity is now a major concern for everyone—from businesses and governments to everyday individuals. While the rapid pace of technology brings exciting new possibilities, it also opens the door to more sophisticated cyber threats. Recent high-profile cyberattacks, such as the Ascension attack and the French State DDoS attack, have demonstrated the devastating impact these threats can have.

Emerging Cyber Threats​

The world of cybersecurity is always evolving, with cybercriminals constantly finding new and more persistent ways to exploit vulnerabilities. According to Cybersecurity Ventures, global cybercrime damages are predicted to reach $10.5 trillion annually by 2025, underscoring the urgency for robust cybersecurity measures.

One significant evolution is seen in ransomware attacks, which have moved beyond simply encrypting data and demanding a ransom. Modern ransomware involves data exfiltration and threats of public disclosure, disrupting business operations and damaging reputations.

In May, the Russia-linked Black Basta group targeted Ascension, the largest non-profit Catholic health system in the U.S. The attack disrupted clinical operations across Ascension's 140 hospitals, leading to a loss of access to electronic health records (EHR). This disruption significantly affected patient care, forcing the company to pause some non-emergency elective procedures at its hospitals.

In addition to ransomware, another critical area of concern is supply chain attacks. These attacks target vulnerabilities within the supply chain network, often through third-party vendors, highlighting the importance of securing the entire supply chain.
Furthermore, cybercriminals are increasingly using AI to enhance their attack methods. Consider the following examples of AI-powered attacks taking over the headlines:
  • DeepLocker: A proof-of-concept AI-powered malware developed by IBM researchers, remaining hidden until it reaches a specific target.
  • Deepfake scams: Earlier this year, cybercriminals used AI to impersonate a company executive, convincing an employee to transfer a substantial amount of money.
AI-driven malware can adapt to avoid detection, and AI is used to create deepfakes for sophisticated social engineering attacks.
Distributed denial-of-service (DDoS) attacks also pose significant threats by overwhelming a target's network or website with a flood of internet traffic, rendering it unusable.

In March 2024, over 300 web domains and 177,000 IP addresses associated with the French government were targeted in a massive DDoS attack. The attack, claimed by Anonymous Sudan and suspected to be sympathetic to Russia, caused severe disruptions to major public service websites.

Best Practices For Building a Robust Cybersecurity Infrastructure​

Building a robust cybersecurity infrastructure is essential to combating these evolving threats. Adopting a zero-trust model ensures that every access request is verified, regardless of its origin. Key components include multi-factor authentication (MFA), least privilege access, and network segmentation.

Additionally, advanced monitoring tools are essential for detecting and responding to cyber threats in real time. Security information and event management (SIEM) systems and AI-driven analytics provide comprehensive visibility into network activities and alert security teams to potential threats.

Equally important is addressing human factors in cybersecurity. Employee training and awareness are crucial, as human error remains a significant vulnerability. Regular training programs can equip employees with the knowledge to recognize and respond to potential threats, such as phishing attacks, thereby creating a culture of security awareness and combatting successful attacks.

The Role Of AI In Cybersecurity Defense​

While artificial intelligence (AI) has enabled cybercriminals to expand their capabilities, it has also emerged as a powerful tool in the fight against cyber threats. AI's capabilities in threat detection and response have revolutionized cybersecurity defense strategies. By leveraging machine learning algorithms, AI can analyze vast amounts of data to identify patterns and anomalies that may indicate a cyber threat.

AI-driven cybersecurity solutions can automate threat detection and response, reducing the time it takes to mitigate attacks. This proactive approach allows organizations to avoid cybercriminals and protect their critical assets.

Join the Discussion​

As we navigate the complexities of the digital age, it's crucial to stay informed and proactive about cybersecurity. What are your thoughts on the emerging cyber threats and the role of AI in cybersecurity defense? Have you implemented any of the best practices mentioned above in your organization? Share your experiences and insights in the comments below. Let's work together to build a safer digital world!

Read the article: https://www.forbes.com/sites/forbes...rity-emerging-threats-and-how-to-combat-them/

Women in Technology How Female Entrepreneurs Are Using Technology To Solve Real-World Problems

The state of entrepreneurship in the U.S. is robust, particularly for women. According to the 2024 Wells Fargo Impact of Women-Owned Business Report, women have been opening businesses at nearly twice the rate of men and now represent 39.1% of small business owners. This remarkable growth sees women venturing into diverse industries, including financial, real estate, and technical services.

Across these sectors, female entrepreneurs are harnessing the power of technology to create solutions to real-world problems, driving lasting change. Their unique perspectives and experiences are leading to the development of innovative business models and brands that are fundamentally reshaping their industries.

The Rise of Women in Tech

According to Deloitte, the tech industry has seen a significant increase in female leaders, with women now representing 33% of the tech workforce. However, women don't need to be classified as working in "tech" to benefit from technology when starting their own businesses. They are making significant strides in the broader tech industry, developing innovative products and services that enhance various aspects of daily life. By focusing on user-centered design, they create solutions that improve quality of life and drive economic growth.

“Tech has opened up so many opportunities for entrepreneurs looking to solve problems that they see happening among their community, including with their friends, family members, and peer groups,” says Paula Panagouleas Miller, founder of the app Karmascore. Her app helps people measure key aspects of their personal and professional relationships, a feat made possible by technological tools that generate, analyze, and summarize data.

The Power of Data in Problem Solving

Data is a powerful tool in business, and technology enhances its utility. “I’ve found that documentation is vital for our users, as it allows them to track the ins and outs of their relationships. This allows people to take stock of their interpersonal interactions and make better decisions about who to prioritize their time with,” says Miller. Such documentation and tracking would not be possible without advanced technology.

Improving access to key data points will lead to additional applications as more entrepreneurs find ways to use data for practical purposes. “Because there's only going to be more data in the future, there will just be more and more applications everywhere,” says Professor Mark N. Broadie from Columbia Business School. These applications can cross industries and help people in every aspect of their personal and professional lives.

Overcoming Challenges

While female entrepreneurs are making remarkable contributions across various sectors, they often face significant challenges. “Technology can help break barriers women face, including accessing funding, facing gender bias, and experiencing limited representation in industry,” says Miller. “For many businesses and applications, tech breaks down some of those barriers by increasing accessibility and helping entrepreneurs do more with fewer resources.”

The Impact of Women Using Tech in Entrepreneurship

The impact of female entrepreneurs using technology extends beyond their individual ventures. “Women entrepreneurs who use tech are addressing real-world problems people in their communities and around the world face every day in unique and innovative ways. Moreover, their success serves as an inspiration for future generations of women, encouraging more young girls to pursue careers in technology and entrepreneurship. As the tech industry becomes more inclusive and diverse, the potential for groundbreaking innovations and positive change will only continue to grow,” says Miller.

Let's celebrate and support the women who are transforming the entrepreneurial landscape with technology. Their stories and successes are paving the way for a brighter, more inclusive future in tech and beyond. How can we further support and amplify the voices of women in tech entrepreneurship? Share your thoughts and join the conversation!

Read the article: https://www.forbes.com/sites/jiawer...sing-technology-to-solve-real-world-problems/

Web3 Three Reasons Why Your Business Should Switch To Web3

Web 2.0 was the version of the internet that unlocked a virtual world of social interaction and collaboration on the Web. For the first time, the internet went beyond basic, static HTML pages to dynamic websites with user-generated content (UGC). Then, search engines and social media applications like Google, Facebook, YouTube, Instagram, and more emerged, and users could interact and share photos and videos with their friends, co-workers, and family members.

However, as Web 2.0 became increasingly successful, new patterns began to evolve. The internet became increasingly centralized, consolidating digital power in the hands of a few large companies. Pages were censored, cybersecurity attacks skyrocketed, and some corporations began to sell user data to advertisers for monetary gains. Providers could kick websites deemed not to conform with their policies off the internet or restrict them from appearing in Web results. In many cases, tech giants became both judge and jury.

When Google—one of the most successful tech corporations and search engines—dumped its "Don't be evil" motto, it was clear that the internet needed to become independent once again.

Welcome To Web3

Web3 represents a new phase of the internet that emphasizes decentralization, privacy, security, and personalized experiences. It integrates technologies like blockchain and cryptocurrency to create a decentralized network that isn't controlled by a few tech giants but rather "by the people, for the people."

Whether you're a business owner, creator, developer looking to build scalable products, or average internet user, here are the top three reasons why you should consider switching over to Web3:

  1. More User Control: One of the primary advantages Web3 offers is restoring users' data rights. On Web 2.0 platforms, although users can freely share content, they don't retain any rights over data shared on these platforms. In a classic example of "If you're not paying for the product, you are the product," many Web 2.0 social media platforms actively encourage users to share data like personal information, preferences, and more in return for the free use of the platform. This information and other data, such as buying patterns and website visits, are tracked, recorded, and then sold to advertising companies, which use it to create targeted ads. In contrast, on Web3 platforms, the user remains the rightful owner of any data and information shared. Users also have control over what portion of data they want to share with advertising companies and can even directly profit from the monetization process. The inherent blockchain features also allow users to create decentralized identities that aren't dependent on centralized authorities—an approach that provides greater flexibility and control.

  2. Security And Cross-Border Payments: Web3 offers a security architecture backed up by the integrity of the blockchain—a distributed system with multiple failsafes. For business owners, this provides a double-fold advantage. First, the Web3 decentralized system makes applications very resilient to failures. This is due to a redundancy system that ensures that even when one node (server) goes down, several other nodes in the network will automatically compensate and keep the application running.

  3. An Incentive-Based System: Web3 advocates a system where all participants rather than a few centralized entities win. Take NFTs (non-fungible tokens) for an example. Although trading monkey pictures may no longer be the fastest way to make thousands of dollars, the technology behind the system is still solid. NFTs present a way to directly reward creators for their artistic contributions without losing a portion of their profits to centralized middlemen.
Join the discussion and share your thoughts on transitioning from Web 2.0 to Web3. How do you think Web3 will shape the future of the internet?

Read the article: https://www.forbes.com/sites/forbes...sons-why-your-business-should-switch-to-web3/

Introduce yourself here!

Hello everyone ? my name is Ryan Groves. I was born in Louisville KY, but now reside in Clarksville, IN.

I have recently obtained certifications in both Network+ and Security+ in hopes of transitioning to a more rewarding career that's exciting, and constantly evolving, with the hopes of becoming a cyberthreat incident responder.

I was introduced to the IT world at a very young age thanks to a family member showing me their PC rig during a Christmas party. I fell in love with the online world shortly after that discovery, searching for thrilling experiences playing online shooters and MMOs. I'm also a patriot who loves his country and believes everyone's rights should be protected no matter what. I feel as if following this career path will also fulfill my sense of duty to my fellow Americans (and of people abroad), by protecting vital systems and data from being compromised by attackers.

I hope by connecting with people of like-mind that I may learn new things and become a force for good.
Here is my LinkedIn for anyone interested in connecting ?
www.linkedin.com/in/ryg1993

Thank you for reading
-Ryan

Newly Certified A+

congratulations on getting your A+, if you want to stay with CompTIA, and go into Cyber Security, you want to continue with Network+ and Security+. If you have little knowledge on networking and security principals, these paths will fill in those gaps. Understanding how networks work, subnetting, VLAN, network protocol and security concepts all are covered in these courses. After that Cysa+ or Pentest+ would be you next path. Cysa+ is more in the Security Defense side, Pentest is how to conduit penetration test. both are good to know, but I would say Cysa+ is more in line with Cyber security, Pentest+ is good to enhance your cybersecurity knowledge, but both are good to have. Remember you need to crawl, walk then run. I have seen make students jump into cyber security course without understanding basic networks and get lost. Getting a Stonge foundation with networking, "a little coding helps" and security principals and you be read for any advance security courses. Good Luck in your studies

Filter