As we gear up for 2025, I've been doing a lot of thinking about the advancements in generative AI over the past year. It feels like over the next twelve months we could see a shift in how we approach data, interact with AI, and ensure that we're doing it all in an ethical and responsible way. I've got some thoughts on why data quality is about to become a major focus, the ways agentic AI could change our daily interactions with technology as a whole, and why we need to make sure we're handling these systems with care. So, let's dive in and take a look at what I'm seeing on the horizon for 2025.

It’s All About the Data

The phrase “data is the new oil” has been commonplace over the past decade or so, but I predict 2025 is when we’ll actually start seeing it play out. As more organizations adopt and build generative AI systems, the need to ensure those systems are ingesting good, quality data becomes increasingly important.

The shift towards quality data isn't about having more data; it's about having better data. Generative AI models are only as good as the data they're trained on. In 2025, we’ll see a focus on data quality initiatives. This means organizations will be investing heavily in data cleaning, validation, and enrichment processes, moving away from simply hoarding vast quantities of information to curating high-value datasets. This commitment to quality will be a key differentiator for AI performance and the success of these systems.

Furthermore, the role of data stewards will become increasingly crucial. These individuals (or maybe even AI agents. More on this in a moment.) will be responsible for the lifecycle management of data – from its creation and collection, through its storage and use, to its eventual archiving or removal. Good data stewardship is about more than just governance; it’s about ensuring data is accurate, consistent, secure, and used ethically and responsibly within the context of AI projects. Without solid data stewardship, the most sophisticated AI models will still struggle, leading to biased, inaccurate, or even harmful outcomes.

One conversation I've had recently is about using AI to help employees with health insurance, like asking “What are my vision benefits?" and "What in-network eye doctors are near me?” Ingesting your health insurance policy into such a system may not seem like an arduous task. But your policies will change over time. New policies will need to be added, and expired policies will need to be removed. We can’t simply feed AI a bunch of data and call it day; we need processes for the removal of data as well. This illustrates the need for effective data lifecycle management programs.

Agentic AI

The way we interact with AI systems is set to change as the popularity of agentic AI increases. But what is agentic AI?

Generative AI like ChatGPT, Gemini, or Claude is kind of like a chef in a kitchen. You give them an instruction, and they can whip up a delicious meal. That’s where the “generative” in generative AI comes from; they generate content. But an agentic AI system is more like the restaurant manager, that not only can create new recipes but also decide what ingredients to buy, how to set the menu, and how to coordinate the kitchen staff. Agentic AI systems are focused on goals and outcomes, and they can act autonomously to achieve those goals without human interaction.

While agentic AI systems leverage the creativity of generative AI models such as ChatGPT, they differ in several ways. Primarily, these systems prioritize decision-making over content generation. Secondly, they operate autonomously, driven by predefined goals – like boosting revenue, improving customer feedback, or streamlining logistics – rather than requiring constant human instruction. And finally, these systems possess a more sophisticated ability to handle complex, multi-step processes, navigating data sources and initiating workflows without manual intervention.

Because agentic AI systems are designed to carry out specific, granular tasks, they enable greater specialization of roles compared to general purpose models like ChatGPT. Some agentic systems will have an “orchestrator” which can be thought of as the main agent that interacts with and instructs all of its downstream agents. Imagine this: An AI system is monitoring a salesperson's calendar, and before each meeting, it automatically prepares a brief with information about that customer. And not just any information. Relevant information like past purchase history, previous interactions with their team, and even business trends in their industry.

Responsible AI

“With great power comes great responsibility.” In 2025, organizations will no longer be able to treat ethical AI as an afterthought; it will become a core component of any AI strategy. This means proactively establishing clear policies to guide AI development, encompassing data privacy, transparency, and bias mitigation. This will require not just technical solutions but also a broader ethical commitment across all levels of an organization.

Beyond ethical considerations, robust governance of AI systems will be critical. This includes establishing clear lines of responsibility for AI outputs, implementing testing and validation processes to ensure the reliability of AI models, and setting up clear mechanisms for recourse when things go wrong. We can’t just deploy AI and hope for the best; we have to be good stewards of it. We'll see a growing need for specialized roles, such as AI ethicists and AI risk managers, who will be tasked with ensuring that AI is used responsibly and for the benefit of all stakeholders. The path to realizing the full potential of AI is paved with careful planning, robust oversight, and a dedication to building systems that are not just powerful but also trustworthy and ethical.

I've shared my predictions, but now I'm curious – what are you seeing on the horizon for AI?

Jason Clishe

Jason is a Google Cloud Platform solutions architect at CDW with 30 years of IT experience spanning delivery consulting, partner enablement, and sales engineering. His expertise includes cloud technologies, generative AI, and on-premises solutions, and he leads the design of innovative generative AI solutions on GCP Vertex AI.

In 1993, Burger King became revolutionary. They implemented a groundbreaking technology that changed the game, challenging both customers and workers with a new process: accepting credit cards. In this video reactions were split between fear, resistance, skepticism, joy, and convenience.

In 2024, what does AI have to do with Burger King? Everything. AI in our workplaces now represents the same disruptive factors: do I want to use AI or not? How will my employees start to use it? Will they implement it correctly? How do I even use this system? Do our workforce/customers/clients now have to make new choices?

¡Prohibido arrojar NADA dentro del sanitaro!

(It is forbidden to throw NOTHING down the toilet)

Just like how credit card payments date back to the late 1950s, AI’s roots trace back to the early internet in the form of 1:1 translation. In the early days of translation websites, the level of “thinking” a system could do was literal. For example, in language, "jaguar = cat," but "Jaguar ≠ car."

“I don’t quite agree with it, but a calculator for words is an interesting framing for ChatGPT,” said Sam Altman, CEO of OpenAI. Thanks to technological and algorithmic advancements, AI now can see the “forest through the trees.” According to TechTarget, ChatGPT has over 1 trillion transformer neural networks, enabling it to distinguish between a luxury foreign vehicle and a jungle cat.

With this powerful new “calculator for words,” what does that mean for the workforce? According to a recent market-data report, as it stands now, six out of ten occupations have more than 30% of activities that are technically automatable. As AI advances, instead of “cash or credit,” we might soon have to ask ourselves, “human or AI?” (assuming we are even given a choice…).  Perhaps the best way to prevent AI from taking jobs is to embrace it and implement AI to do our jobs better.

Prompt Engineering? I call it “Prompt Writing”

Before my career as a workforce development consultant, I was a publishing intern, editor, writing tutor, and later an English Language Learner instructor (also, janitor, cook, mosquito control specialist, property abatement worker, and road construction worker—just to name a few).

When I first began using AI a few years ago, two thoughts immediately struck me:

1. I needed to stop using this system like a Google search.
2. Creating effective prompts requires finesse.

I quickly realized that I had to do a bit of writing to get the result I wanted from AI. For me in the moment, the term “prompt writing” seemed more fitting than “prompt engineering.”

There is no “e” in Ketchup

Through research and webinars, I discovered AI was full of interesting little quirks. For instance, some AI systems would confidently assert that there is no “e” in the word ketchup. Try it out today on ChatGPT, CoPilot, or Gemini without logging in—you might be surprised.

Paying attention to social media posts, I also noticed the same common AI buzzwords popping up again and again—like “dive.” Hey, everyone, let’s dive into the topic of prompt engineering, followed by an emoji. We must do better to keep language fresh, interesting, and most of all “human” even when using our fancy new word calculator. By telling AI which words not to use and giving it the proper context, we can disguise its “word calculator” tone and keep our writing more authentic.

Give AI a Job (While I Still Have Mine)

The “lightbulb” moment for me as an AI user was discovering the simple prompt structure of Role-Task-Format. Writing a great prompt starts with giving AI a job: assign it a role. For example, tell AI: Act as a sales rep, consultant, or data scientist. Giving AI the right context is essential to getting the best results.

AI knows a lot, but it doesn’t know what’s important to you until you tell it (you don’t know what you don’t know). Next, specify the task you want it to perform: Create a marketing email, blog post for Technology First, or session description for your Dayton AI Day presentation. Finally, decide on the format. Should it be 3–4 small paragraphs, a bulleted list, or something else entirely?

“Review the rough draft of this blog post and help me come up with a clever conclusion. Keep the writing style similar.”

Just as credit cards reshaped fast food transactions in 1993, AI is reshaping the workplace today. The parallels are clear: innovation challenges us to adapt, evolve, and make choices about how we engage with new technologies. Whether it’s using prompt engineering to enhance efficiency or approaching AI with a human touch, the question isn’t if AI will change the game—it’s how we’ll play along. I’m looking forward to meeting everyone at Dayton AI Day on Jan 15^th and hope to see you in my “Prompt Engineering…Basics and a Bit Beyond” session.

*This blog post was written by a human…except for the conclusion paragraph.  

Hello Tech Community!

As 2024 comes to a close, it’s incredible to reflect on how far we’ve come as a tech community. At the start of the year, many of us were focused on what lay ahead for technology—emerging trends, evolving challenges, and the innovations poised to shape our future. AI, anyone? Now, as we prepare to enter 2025, we can look back on all that’s been accomplished.

Connecting

This year, we strengthened connections across our tech community in profound ways. With over 50 events—including the Ohio Information Security Conference, Taste of IT, and two Digital Mixers—we created countless opportunities for professionals, students, and organizations to come together, share insights, and advance ideas. At the heart of our community are peer group meetings, a core member benefit that fosters collaboration and ensures the continuous exchange of knowledge.

Beyond events, we facilitated one-on-one connections between members, helping businesses and individuals find the right partners, resources, and solutions to drive their goals forward. To make connecting even easier, we introduced a new mobile app, putting opportunities to engage, network, and collaborate right at your fingertips.

Strengthening

Throughout 2024, we’ve navigated critical topics like cybersecurity, sustainable technology, and of course AI, while continuing to champion leadership and workforce development. We tackled tough questions, such as “What should every tech leader stop doing now?” and provided strategies for protecting and growing tech investments.

We often said 2024 was our year of experimentation. So, we launched the Emerging Tech Leaders program, introduced Workshops, and hosted three conferences – challenging ourselves to push the boundaries while ensuring our programs were designed to equip participants with the skills and tools to lead and adapt in a rapidly evolving landscape. Our Women 4 Tech Conference became an annual tradition, celebrating and empowering women in technology leadership.

Championing

Investing in our community and the next generation of tech leaders remains at the heart of our mission. This year, we raised over $9,000 for the Technology First Scholarship Fund at the Scramble for Scholarships, awarded more than $10,000 in scholarships to regional students, and inspired the youngest learners at the Boonshoft Museum of Discovery through our interactive Tech First Brixilated Mural.

Through initiatives like the Cyber Challenge and STEM Career Fair with the Girl Scouts, we’re introducing future leaders to careers in technology, while our Digital Mixers provided students with opportunities to connect with local employers and kickstart their tech journeys. These efforts ensure a strong pipeline of talent to sustain and grow our region’s tech community for years to come.

A Shared Commitment

Through it all, your commitment to advancing technology in our region has been the constant driving force behind our progress. Our community remained resilient and future-ready by focusing on sustainable practices, workforce growth, and innovative solutions. Together, we haven’t just adapted to change—we’ve led the way, positioning the Dayton region as a hub for innovation and economic growth.

The highlight of every year, for me personally, is watching our members come together—answering a call for help, lending a hand, and encouraging career advancement. These moments exemplify the strength of our community and lay the foundation for everything we achieve together.

Looking Ahead

As we look forward to 2025, we’re excited to continue this journey with you. Next month, we’ll share what’s on the horizon for the new year, including opportunities to connect, learn, and lead in ways that will keep our community thriving. We invite you to kick off the year right at Dayton AI Day on January 15, where we’ll dive into the practical applications and future of artificial intelligence.

But for now, let’s take a moment to celebrate all we’ve accomplished in 2024.

#UniteDaytonTech 

Melissa 

Championing Tech:  The Value of Volunteerism

For November's TECH CONNECT, a month dedicated to gratitude and giving, we’re highlighting three Tech First members who embody the spirit of service and community. Florence Renee Bacote from the Montgomery County Board of Commissioners, Jill Campbell with the Air Force Life Cycle Management Center, and Searsa Johnson of CareSource are among our most dedicated volunteers, lending their time and expertise to events like the Girl Scout Cyber Challenge and programs with the Boys and Girls Club in addition to Tech First conferences and events. Their passion for making a difference shines through in every project they touch. We sat down with Bacote, Campbell and Johnson to discuss what motivates their volunteerism and to hear their advice for those looking to get more involved.

Read on to be inspired by their commitment to giving back!

How did you first get involved with Technology First, and what inspired you to start volunteering?

Bacote: I first became involved with Technology First through my employer, Montgomery County, enrollment as an attendee of the annual Tast of IT Conference and then later as a peer member of the Women 4 Tech peer group. I have always believed that volunteering can have a real impact on the lives of others in need of assistance or direction which continues to help me realize that this impact is a part of something bigger than myself.

Campbell: There have been times in my life when I needed guidance or support and found it lacking, which has driven me to volunteer and give back to others. Volunteering offers me the chance to share my skills and expertise in ways that might benefit others and make a positive difference. I believe the knowledge exchanged through volunteering is incredibly valuable—every experience adds to my growth and understanding. Additionally, it’s rewarding to provide time and services to those who may not have access or the means to seek out this support on their own.

What has been the most rewarding part of your volunteer experience?

Bacote: I have really enjoyed giving my time, energy, and knowledge while connecting to others in the Dayton community. I have always enjoyed working with others and making new friends in an environment that promotes growth along with helping others learn and gain professional experience.

Can you share a specific moment or experience that stands out to you during your time volunteering? 

Campbell: Being sought as an expert and leader while I was facilitating a session at Taste of IT!  It was an honor to hear "I was told I needed to meet you."  To be recognized by peers as a knowledgeable leader and, in this instance, to eventually have a job offer from [the volunteer interaction], was quite a satisfying experience!

What makes our volunteer community special, and why do you continue to give your time?

Johnson: Connection. My continued engagement is driven by connecting with the Technology First community and their caring and dedicated staff. It is vital to be part of a community that openly discusses cyber security and evolving technology.

How has volunteering impacted your personal or professional life?

Bacote: Volunteering has helped keep me keen on my communication, project planning, and teamwork skills. It has also helped me to make great connections and meet new people in the Dayton community.

Campbell:  I have been humbled by the amount of expertise I’ve been exposed to and a substantial amount of my diverse knowledge and “career wisdom” has come from the interactions with the people whom I’ve met through volunteering.  Also, it’s about the network – I can sincerely say that ALL – with the exception of TWO connections – on my LinkedIn network are people I’ve met face to face.

What do you see as the future of volunteerism, especially within the technology sector?

Bacote: The future of volunteerism in the technology sector will likely see a significant increase in digital volunteering, where people can use their technical skills remotely as more and more people are working in remote positions and not physically working in buildings in the community.  I still hope there will be individuals who will still want to do “in-person” volunteering.  There will always be a need for tech professionals with specific skills like web development, graphic design, and especially cybersecurity, whose technical knowledge can be more valuable when demonstrating or teaching these ideas in person with ability to give hands-on instruction or experience.  

Campbell: The Dayton area seems to be skipped over in the areas of technology in regard to large events and connection to the surrounding areas. I believe the more volunteerism that occurs, the "louder" we can be, and the more connected Dayton will be.  Dayton is a vast source of technological knowledge and should not miss out on what is happening around us.  Lets all jump on the volunteering band wagon so we can participate in the opportunities that are happening!

What advice would you give to someone who is considering volunteering but hasn’t taken the step yet?

Johnson: What are you waiting for!?! For someone who is a true introvert and struggles with public speaking anxiety, volunteering with Technology First served as a steppingstone in building my confidence. These volunteering opportunities provided me a safe space to practice public speaking, enhance networking skills, and re-connecting with my peers. Sign up now!

As we wrap up this month of gratitude, we’re reminded of the incredible impact that dedicated volunteers like Florence Renee, Jill, and Searsa have on our community. Their stories encourage us all to find ways to give back, connect, and create lasting change.

Here’s to making a difference together!

Conferences. Are they just a whirlwind of half hearted networking, average coffee, and questionable after-parties? Not for me! I see conferences as a goldmine – a chance to unearth valuable insights, capture educational moments, and ultimately, boost my sales.

Here's the thing: most people attend conferences, passively absorb information, and then…crickets. But the real magic happens after the event. It's about taking those nuggets of knowledge and weaving them into your sales strategy.

Here's how to turn conference chatter into client conversions:

1. The "Hot-off-the-Press" Pitch:

● Identify Key Takeaways: Jot down the most impactful trends, innovative solutions, and industry challenges discussed.

● Craft a Timely Narrative: Incorporate these insights into my outreach. For example, "At the recent [Conference Name], there was a lot of buzz around [hot topic]. It got me thinking about how [your company] could help businesses like yours navigate this…" Be as specific as possible about how the learnings from the conference can apply to your specific prospects environment.

● Establish Thought Leadership: Sharing these timely insights positions me as an expert and demonstrates that I'm invested in staying ahead of the curve.

2. Name Dropping Done Right:

● Strategic Networking: Make a point of connecting with influential speakers and industry leaders.

● Leverage Connections: In follow-up emails, you might say, "[Speaker Name] made a great point about [topic] at [Conference Name]. It resonated with me because…" This adds credibility and context to your outreach.

● Build Relationships: Conferences are a breeding ground for genuine connections. These relationships can translate into warm leads and referrals down the line.

3. Content is King (and Conferences are the Kingdom):

● Repurpose Content: Leverage conference presentations, workshops, and keynotes to create valuable content for my prospects. Think blog posts, social media updates, or even short videos summarizing key takeaways. Don’t be afraid to take selfies or quick videos in the hallways.

● Offer Exclusive Access: Sharing exclusive insights or resources from the conference adds value to my outreach and incentivizes prospects to engage.

4. The Follow-Up Frenzy:

● Strike While the Iron's Hot: Follow up with connections and leads immediately after the conference. The event is still fresh in their minds, making them more receptive to my message.

● Personalize Your Approach: Reference specific conversations or shared experiences to make your outreach more meaningful.

Conferences are an investment – of time, money, and energy. But by strategically leveraging the learnings and connections, I turn that investment into a sales bonanza. So, the next time you're at a conference, remember: don't just attend, capitalize!

About NextStep Networking: NextStep Networking partners with schools to excite and empower students, businesses that make us think, non-profits that want to maximize their impact and government agencies that rely on safety and security. We will bring new ideas and find creative and innovative ways to help your business with technology. Built on a foundation of integrity and community partnership, we believe that helping other like-minded organizations prosper will pave the way to a better future. Join our mission of making a positive impact in the lives of those we serve.

As 2024 draws to a close, the business landscape is evolving rapidly, especially in enterprise communications, technology, and economic trends. For companies to stay competitive, it is essential to remain informed and adaptable. Below, we explore the key developments and insights that will define enterprise communications in the year ahead.

Key Industry Trends in Enterprise Communications

AI’s Expanding Role in Customer Experience and Call Centers
Artificial intelligence (AI) continues to transform customer service and call centers by improving efficiency and personalization. Many businesses are integrating AI-powered tools to automate repetitive tasks, streamline interactions, and provide customized experiences. As AI becomes more advanced and accessible, its adoption will only grow, though the rising costs of implementation and maintenance remain a challenge. Maximizing the potential of AI requires leveraging its data across various departments—sales, marketing, and support—to create a seamless and integrated customer journey.

New Compliance Regulations for Financial Services
The European Union’s Digital Operational Resilience Act (DORA) will go into effect in January 2025, impacting financial institutions and their technology providers. These firms must meet rigorous cybersecurity and operational resilience standards, requiring gap analyses, improved risk management, and resilience testing. While DORA directly affects financial services, businesses in other sectors, including enterprise communications, will also need to prioritize securing their data and systems to stay compliant across industries.

The Evolution of Hybrid Work

Hybrid work models have become a permanent feature of the post-pandemic business world. Although some organizations aim for a return to full-time office work, many employees still prefer the flexibility of hybrid setups. The challenge for businesses is to sustain collaboration, productivity, and company culture in this environment. Investing in advanced video conferencing, collaboration platforms, and secure remote access tools will be critical for staying competitive and attracting talent.

Key Timelines and Regulatory Changes

• January 2025: DORA compliance deadline for financial services and related industries. Ensuring cybersecurity and resilience standards are met will be vital to avoid penalties.

Challenges and Opportunities for Businesses

Economic Uncertainty
Inflation, layoffs, and commercial real estate challenges are contributing to an uncertain economic landscape. Businesses need to be agile, managing costs carefully while investing in technologies that will future-proof operations.

Rising AI Development Costs
While AI offers considerable efficiency gains in customer service and other areas, the costs associated with its deployment and maintenance are increasing. Businesses must evaluate the long-term return on investment (ROI) of AI solutions to ensure scalability and adaptability to future needs.

Evolving Communication Tools
The importance of video conferencing, collaboration platforms, and messaging apps has grown immensely. Companies should continually assess their tech stack to ensure they are using flexible, secure, and well-integrated communication tools that align with their broader business systems.

Strategic Recommendations

1. Invest in AI Thoughtfully: AI can be transformative, but strategic integration across departments is key. Focus on scalable AI solutions that deliver valuable data insights while integrating with existing technologies.
2. Prepare for Regulatory Changes: Businesses in finance and technology must align with new regulations like DORA. Regularly review cybersecurity protocols, third-party contracts, and resilience measures to avoid compliance risks.
3. Support Hybrid Work Models: Hybrid work is here to stay. To remain competitive, invest in technologies that enable employees to seamlessly transition between office and remote work, ensuring productivity and security.
4. Optimize Communication Platforms: Companies should consider consolidating communication tools that offer security, resilience, and integration with IT systems to ensure smooth operations.

Looking Ahead

The remainder of 2024 and early 2025 will bring both challenges and opportunities, including advances in AI and tightening regulatory landscapes. By staying informed, businesses can navigate these changes effectively. Balancing innovation with economic and regulatory readiness will be crucial for long-term success.

At NexusBlue, we are dedicated to helping businesses make informed decisions and adapt to the ever-changing enterprise communications and technology landscape. By acting now, organizations can position themselves for sustainable success and long-term resilience.

NexusBlue
NexusBlue specializes in rescuing, fixing, and reimagining business operations through enterprise communications, digital transformation strategies, and AI assessments. We help companies navigate the complexities of technology and regulation to drive lasting ROI in today’s fast-evolving business environment.

As a business owner, it’s easy to focus on growth, customer service, and day-to-day operations while discounting cybersecurity. However, in a world where 46% of cyberattacks target small and medium-sized businesses, maintaining a secure digital environment is not just important—it’s critical for survival.

This blog dives into the key cybersecurity practices for small and medium-sized businesses, to help you protect your organization from malicious threats and costly ransomware attacks.

Why Are SMBs a Target?

The answer lies in their limited cybersecurity infrastructure. While large corporations invest heavily in advanced security systems, smaller businesses tend to have fewer resources or budgets. However, just because your business is small doesn’t mean you have to an easy target.

Common Cyber Threats Facing SMBs

Understanding the types of cyber threats your business may face is the first step in building a strong defense. Preparing for security incidents is an important business practice.  Here are the common attack methods cybercriminals use:

1. Phishing Attacks

Phishing remains one of the most popular methods used by cybercriminals use. These attacks typically involve fraudulent emails that use urgency, deceptive visuals and links, and impersonation to trick employees into clicking on malicious links or sharing sensitive information.

2. Ransomware

Ransomware attacks involve encrypting a company’s data and demanding a ransom to restore access. In many cases, businesses are left crippled for multiple days or weeks without access to their own information. Even after paying the ransom, there’s no guarantee the attackers will return the data.

3. Malware

Malware is malicious software that can infiltrate your systems to damage, disable, or exploit your data. This broad category includes adware, spyware, and viruses designed to cause harm or steal valuable information.

4. Weak Passwords and Credential Compromise

Weak, reused, or stolen passwords remain one of the biggest cybersecurity risks. A compromised credential allows an attacker to bypass security protocols and gain direct access to sensitive systems.

Small Business Cybersecurity Best Practices

Implementing robust cybersecurity measures doesn’t have to be overwhelming. Here are practical steps you can take to protect your business:

1. Use Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) requires users to provide two or more verification methods—such as a password and a security code—before gaining access to the system.

2. Regularly Update Software

Outdated software is a major vulnerability. Whether it's operating systems, web browsers, or specialized business software, keeping everything up-to-date is essential. Many updates contain patches for security flaws that have been identified.

3. Create Strong Password Policies

Ensure your employees are using strong, unique longer passwords for each of their accounts. Implement a password policy that requires complex combinations of letters, numbers, and symbols, and encourage regular password changes.

4. Educate Employees on Cybersecurity

Your employees are your first line of defense and greatest vulnerability. Provide regular training helps them identify current phishing scams, social engineering, and recognizing and reporting potential security breaches.

5. Conduct Regular Risk Assessments

A risk assessment helps identify areas of vulnerability. This involves a third party evaluating your current cybersecurity practices, identifying potential threats, and implementing strategies to address them. Regular assessments help you stay ahead of evolving threats and ensure that your defenses remain effective.

6. Backup Your Data

Data backups are critical to recovering from a cyberattack. Ensure that your business performs regular backups of all important data to an encrypted, offline location. This way, if you do experience a breach—such as a ransomware attack—you can restore your systems faster without losing significant data.

7. Install Firewalls and Anti-Malware Software

Investing in firewalls and anti-malware software is a non-negotiable aspect of cybersecurity. A firewall monitors incoming and outgoing traffic and blocks suspicious activity, while anti-malware software detects and removes malicious software before it can do damage.

8. Install Endpoint Protection

Every endpoint (laptop, mobile phone, tablet, etc.) that connects to the corporate network is a vulnerability, providing a potential entry point for cyber criminals. It is imperative for businesses to deploy endpoint solutions that can analyze, detect, then block and contain cyberattacks on remote systems.

9. Develop an Incident Response Plan

An incident response plan outlines the steps to take in the event of a security breach. This plan includes who to contact, how to contain the breach, what to communicate, and the order of systems to be restored based on their importance for conducting business. Regularly practicing incident response through simulations helps your team respond effectively when a real threat arises.

Additional Cybersecurity Considerations for SMBs

While the best practices outlined above are foundational, you can further strengthen your business’s security posture by considering these additional measures:

1. Mobile Device Management

As more employees work remotely or bring their own devices to work (BYOD), managing mobile security becomes critical. Implement mobile device management (MDM) software that enables your business to monitor, secure, and manage all employee devices that have access to company data. This allows you to enforce security policies and wipe devices remotely if they’re lost or stolen.

2. Secure Your Wi-Fi Networks

Unsecured Wi-Fi networks are an open invitation for hackers. Ensure your business’s Wi-Fi networks are encrypted, and consider segmenting networks for employees, guests, and business systems. This prevents unauthorized access and reduces the risk of data interception.

3. Perform Penetration Testing

Penetration testing involves simulating cyberattacks on your system to identify weaknesses before actual attackers can exploit them. Hire a cybersecurity professional to conduct these tests to provide recommendations on how to address vulnerabilities.

Free Small Business Resources

There are a number of free resources available from the federal government and the State of Ohio to reduce your risk to potential cybersecurity threats including:

• NIST Small Business Cybersecurity Corner
• FTC Cybersecurity for Small Business
• National Cyber Security Alliance (NCSA) Small & Medium Sized Business Resources
• https://www.cisa.gov/resources-tools/resources/free-cybersecurity-services-and-tools
• https://ohcr.ohio.gov/

Final Thoughts

By following these cybersecurity best practices, your company can create a strong digital defense and focus on what really matters—growth and success. Remember, being cyber aware means being cyber prepared.

Author Bio: As the CEO and Founder of Secure Cyber Defense, Shawn leads a dedicated team committed to safeguarding organizations across the entire spectrum of cybersecurity needs. From perimeter defense to secure network design, and vulnerability discovery to intrusion detection systems, Secure Cyber Defense offers comprehensive solutions tailored to meet the evolving challenges of today’s digital landscape. With over two decades of experience in cybersecurity and information systems, Shawn brings a wealth of expertise to the table. He specializes in leading security teams to bridge the gap between technology and business objectives, empowering informed decision-making that protects assets from both internal and external threats.

As Cybersecurity Awareness Month kicks off in October, it’s a great time to remind everyone at your company to practice cybersecurity awareness to protect against cyberattacks and data breaches. Of course, there’s no completely foolproof way to keep threat actors from attempting to infiltrate your network. But taking these four preventative steps can significantly reduce your cyber risk.

Use strong passwords

Using strong passwords is an easy way to safeguard your apps and digital accounts. At Pondurance, we recommend that users choose passwords with at least 16 characters including uppercase, lowercase, numbers, and symbols. Also, we suggest that users choose a unique password for each of their accounts and never reuse their personal passwords for company accounts.

Like most people, you probably have dozens of accounts with passwords, and remembering all those passwords is a difficult task. That’s where the use of a password manager comes in. A password manager program generates strong passwords, stores them, and autofills the passwords. That way, you don’t have to remember your passwords or write them down. But be sure to use a strong master password that you can easily memorize for the password manager account.

Implement MFA

Turning on multifactor authentication (MFA) can make it especially tough for a threat actor to access your accounts. That’s because MFA requires two or more factors, such as a password, PIN, or verification code, to authenticate your identity at login. The added layer of protection may be the single most important thing you can do to defend against threat actors. Your company should have MFA implemented on every device to avoid being vulnerable to exploitation.

MFA has even become a strict requirement to qualify for a cyber insurance policy. Increasingly, cyber insurers want to see that companies have MFA implemented on every device on a company’s network.

Identify phishing

The Pondurance security operations center (SOC) team ranks phishing as the top method of credential compromise for email users. During a phishing attack, a user gets an email from someone claiming to be a known, reliable source and is fooled into providing credentials, such as passwords, credit card numbers, or bank accounts. The team reports that phishing emails with a financial lure are common fraud schemes during tax season, and malware delivery via phishing emails is an increasing threat. FBI data confirms the team’s conclusions, showing that phishing/spoofing is reported over five times more often than any other type of cybercrime.

In past years, phishing emails were often easy to identify due to their awkward language and poor grammar. Today, it’s not as easy to distinguish a phishing email. Artificial intelligence (AI) services, such as ChatGPT, are now making phishing emails more difficult to detect because AI helps threat actors use convincing language and proper grammar in the email text.

To reduce the risk of an attack, the SOC team suggests that you set inbox rules to detect any unauthorized activity and provide user awareness training for everyone at your company. User awareness training helps your employees, executives, and board members identify phishing emails and learn how to report suspicious activity.

Make updates

Updates fill the gaps or vulnerabilities that threat actors look to exploit in operating systems, software, and apps. Making updates can fix security bugs, protect against malware, improve performance, and more. The cybersecurity team at your company should stay informed about newly disclosed vulnerabilities and perform needed updates and patches as quickly as possible to keep threat actors out of your network.

Conclusion

Making cybersecurity awareness a priority at your company can help you protect against cyberattacks and data breaches. Using strong passwords, implementing MFA, identifying phishing, and making updates are four preventative steps that can significantly reduce your cyber risk during Cybersecurity Awareness Month and all year long.

Author Bio: Mike has enjoyed a career of more than forty years of operations and sales experience in the information technology and cybersecurity industry at IBM, Siemens, Sprint, and AT&T as well as several smaller and startup businesses. He has spent the past twelve years at Pondurance helping organizations tackle the challenges of cybersecurity to better protect their clients and their hard-earned brand reputation. Mike is active in the Central Indiana Information Systems Security Association (ISSA) chapter and is a member of InfraGard, a partnership between the FBI and members of the private sector.

After the successful launch of Technology First's Emerging Tech Leaders program, we sat down with Coach Mike for an insightful Q&A. In this conversation, he delves into the inspiration behind the program, the pressing need to cultivate the next generation of IT leaders, and his thoughts on the evolving role of IT leadership in shaping the future.

Question: What inspired you to design the Emerging Tech Leaders program?

Coach Mike: It was a combination of a several things, but I think they all had the same underlying theme which was the massive gap in leadership and people-management focus in IT. We are a population of engineers and technical-minded people who have lived our lives relying on our logic and reason to solve everything. So often people are promoted into leadership positions and are never prepared or trained to digest and respond to the complexities of balancing technical decisions with the emotional needs of people and maintaining business relationships.  

Question: What key skills and competencies do participants develop in the program?

Coach Mike: Over 12 weeks and six sessions, we explore:

I could probably spend six-weeks on any one of those topics, but the goal is to provide participants with exposure to experiences that we don’t talk about often or hear about but haven’t gone through. Then, help the participants understand the mechanics of each topic. Each session in the course is designed to equip attendees with insights, new tools, and various perspectives on how to navigate complex situations when they return to their roles.

Question: How does the program's interactive, scenario-based approach enhance leadership learning?

Coach Mike: Consistently, people say “I’m a hands-on learner.” In fact, I can’t think of a single time anyone has ever said to me “I can’t learn anything hands-on; what I need is a good PowerPoint presentation.” As we cover these principles, we put participants in complex scenarios, and the scenarios compound over the program. By the end of the course, we’re able to look at a scenario and consider the results of an action, balancing the financial, emotional, and relational aspects and perspectives of our customers, teams, and leadership.

Most of the scenarios are not meant to be “solved;” it’s not even about finding a “right” answer; instead, it’s about managing complexities and understanding the impact of decisions.

Question: Can you share an example of a scenario participants might encounter during the program?

Coach Mike: We had talked about who we are as a leader and started to inspect our competencies and areas of growth, as well as how that aligned with the organization we are in. In the week this scenario was presented we were discussing performance management and measurement.

The class was asked to consider all aspects of the scenario and put together a plan.

The point is not necessarily to solve the situation, but more to consider – and manage - all the dimensions at play. There’s no “right” answer; the appropriate or productive actions to take can vary wildly depending on the organization’s expectations and principles as well as the managers personal management style and values.

Also worth mentioning is that this is one of seven possible scenarios that groups are given, and this is probably one of the less complex situations.

Question: What unique challenges do new and aspiring IT leaders face today, and how does the program address them?

Coach Mike: IT leaders experience many of the same challenges that plague other leaders, especially ones who are leading highly specialized functions. And like other leaders, one of the most common challenges is often lack of training.

What I see that is unique to IT is the perception that IT is nothing more than a service center for the business. Pair that with technology solutions being oversimplified and the entire vocation seemingly being “magic,” and we are often overlooked when key decisions are made. We’re brought in far too late or handed a solution which is not viable for various reasons. Our Emerging Tech Leaders program helps by addressing this potentially detrimental dynamic, putting an emphasis and awareness around building a strong professional network, building business alliances, presenting IT as a business solution in clear, relatable terms, and making the IT team easy to work with as a partner.

Question: How do peer group collaborations contribute to the learning experience?

Coach Mike: This is one of my favorite things about the program! Having a diverse mix of industries, experience, and company sizes has proven to be very valuable, enriching our discussions. There are perspectives that people in small companies have that can influence a department leader to think more broadly, such as customer impacts. Conversely, a larger business typically has a very broad range of controls and policies that small groups may not be aware of, but either need or will need, such as IT Security or DevOps.

Sharing perspectives on team culture, hiring practices and relationship building from various backgrounds helps broaden everyone’s understanding and approaches.

Question: How does the program help participants navigate the unique challenges of the tech industry?

Coach Mike: Tech can be a bit of a black-box and sort of magical to a lot of people, so one of the biggest challenges of working in tech is trying to relate what we’re doing to objectives that make sense to others and building confidence in our business partner. Our program focuses on giving participants the tools to navigate their work culture and figure out messaging that instills trust in their organization. Inspiring trust and comradery goes much further than a lot of buzzwords and generic communication strategies that are too vague to apply to complex cultures and relationships.

Question: What advice would you give to someone considering joining the next cohort?

Coach Mike: I’d advise them to just sign up! This isn’t your typical training. We don’t hand out scripts. Instead, we explore how to grow as leaders, peers, and team members.

You’ll develop a cohort of peers, work closely with them on common goals, share insights, and solve problems together. Every session we explore lessons learned since the previous session; demonstrating how the principles we discuss influenced real actions.

Question: How do you see the role of emerging tech leaders evolving over the next few years?

Coach Mike: Over the past few years, I’ve seen growth in “functional” leadership. Roles like Scrum Masters and Technical Leads as well as Senior Technologist and Architects are establishing themselves as valuable leaders to have at the table. Leadership is shifting from purely technical roles to business partners.

Some of the best leaders I have worked for were more skilled in project management and navigating relationships than in technical disciplines.

The best organizations are moving toward enabling leaders and managers to focus on career development, coaching, organizational relationships, coordination and planning. Ultimately, organizations that embrace autonomy and self-regulation, empowering leaders to navigate and collaborate - versus a hierarchical and/or matrix structure - will be leaders in their industries, realize increased productivity and deliver more success.

Author Bio: After decades in the IT industry, moving in and out of various technical and leadership positions, Coach Mike Czarnecki was introduced to a transformational leadership coach. Working with a coach changed his life and made him realize that his love of people and personal accomplishment could be more than a task that he was expected to do off the side of his desk. With nearly 30 years of experience in large, medium, and small business, as an individual contributor and leader, a full-time employee and consultant, an employee and business owner, Mike turned his passion into reality by adding IT coach to his resume.

For the first time in United States history, we have five different generations in the workplace.

As an employer, the quicker you understand the skills and motivation each generation brings to your company the better. The interaction of these different generations is a valuable asset for your company. Working together, they can assist you in building the most productive and innovative workforce in your company's history.  Each generation has unique lived experiences - ranging from the Great Depression and WWII to the Vietnam War, September 11^th and prolonged unrest in the Middle East, as well as many other important cultural and historical events.

These diverse experiences lead to varying values and expectations in the workplace. For these reasons, employers face challenges in setting up compensation and benefit systems as well as creating workplace cultures that reflect the needs of all generations. This is potentially the most challenging time in history for Human Resource professionals to build effective teams and for Leaders to guide them to ultimate success.

1. Understanding Experiences and Expectations: The first step to managing a multi-generational workforce is to understand each generation's experiences and expectations to best meet and address their needs. This infographic from Purdue highlights trends within each of the generations.
2. Strategy of Strengths: Once your company understands these generational differences, you can begin to build your workforce strategy in order to best incorporate the strengths of the different generations. A solid workforce strategy will help ensure sustainability, healthy growth, and success. This strategy can help you identify talent and skills gaps, forecast supply and demand, and ensure that you have the right people to meet your strategic objectives. Benefits of a solid workforce strategy include reduced hiring costs, fewer talent gaps, increased retention, and better management of risk.

• There are several steps to building a workforce strategy and the process always starts with defining workforce needs based upon your strategic organizational goals. Next, analyze market trends for each need as well as your internal trends (e.g. retention, turnover). After you have defined your needs, evaluate your current talent and figure out how you can tap into other sources of manpower to fill your needs. It is always recommended that your workforce strategy is diverse and tailored to your specific company. Tap into the plethora of resources in our region including interns, new graduates, mid-senior level transfers, upskilling, and a diverse range of candidates including older adults, veterans, new Americans, reentered citizens, and people with disabilities. With a robust balance of employee sources, you can ensure a strong workforce as well as a deep bench of new employees.

3. Monitor & Adjust: After you develop your workforce strategy, it is crucial for your company to continue to assess your plan, your outcomes, and your success in order to make necessary adjustments to ultimately achieve your company’s goals. 

Embrace the opportunities a diverse generational workforce presents to create a robust culture capable of tackling challenges and driving growth and success. 

Author Bio: Cassie Barlow is the President of SOCHE, a non-profit organization that collaborates with Higher Education, K-12, employers and government in order to impact economic development through education and employment.