By: Cassie Barlow, President, SOCHE

The times are changing in the world of talent attraction and management…..has anyone noticed?  Who hasn’t seen a help wanted sign in the last few weeks? We have all noticed the changes and we are also all trying to figure out how we can recraft our workforce strategy in response.

The experts in the field of talent, workforce and organizational development are all trying to understand the needs of employers and employees while examining best practices in order to offer the best ways to engage and retain talent.  Here are a few thoughts on what is trending in the field and some tips that may help your company find the workforce that you need and keep them engaged and on the job for many years. 

If you are one of the companies who have lost great talent over the last 18 months, join the club.  The loss of this talent along with the dearth of new talent in the marketplace has led many employers to take a very close look at their workforce strategy, organizational design, structure, salaries, benefits, and job descriptions. Now is the time to examine your internal talent, organizational structure and design and figure out what are the most important tasks that need to be accomplished and the best way to group these tasks into job descriptions. This is also a great time to examine the diversity of your current team and develop some intentional steps to attract and recruit a more diverse group of employees. The research on team performance has indicated repeatedly that team effectiveness, innovation and efficiency improve with diverse teams.  There may be opportunities in your company to upskill current employees, to combine job descriptions, to rescope job descriptions, to staff positions with employees at a different level and to look at outsourcing.  This is an important first step before trying to operate in the same way that you did a few years ago.

Attracting and hiring new employees is just one part of the talent equation. The trends in employee engagement and retention are also a different landscape from previous years. Professional development is a critical focus area for many employers and an expectation from employees.  From internal company transfers and upskilling to paying for degrees and certifications to microlearning, your future employees are looking for ways to continue their development in their new company.  Professional development is a wonderful way to engage your employees.  Another way to engage your employees is through regular team building and community service. A team becomes their best when they know each other, and both of these activities can boost your team performance as well as build your company culture.

Now let’s switch our focus to keeping our employees on the team!  Employees want a sense of purpose at work.  They want to truly understand the value and the meaning of your company's mission and vision.  They also want to know exactly where they fit into your strategy.  Meaningful work and a sense of purpose will encourage employees to stay with you.  In addition, employees want to know that they are being paid a competitive wage and benefits. 

Take the time to conduct company climate surveys, to listen to your employees and to take action to address concerns.  Your employees need to know that you care about them and that you are doing your best to provide them with the tools they need to accomplish their job, while looking out for their best interests.

Remember that we are all in these challenging times together.  As a leader in your organization, take time to connect via professional organizations and learn from each other. 

Resources:

https://bit.ly/ForneyTalentAquisition

https://bit.ly/ForbesHiringTrends

https://bit.ly/TandEmployee

https://bit.ly/DeloitteHumanTrends

https://bit.ly/deloitteRethinkingRelationships

In July, Women 4 Technology once again hosted an outstanding Meaningful Networking event. During the event, women and men from various industries and technology fields gathered to connect and network. We even had a guest appearance from Treg Gilstorf, our Vice Chair. A big thank you to Brooksource for powering the event and leading one of our table discussions. 

Why Women 4 Technology?

As Kathy Vogler discussed in her guest blog Disparity in the Numbers last month, women make up only 22.3% of the technology workforce. Our W4T Peer Resource Group aims to help improve those numbers by developing leadership through networking, professional development, and mentoring opportunities. 

At the center of W4T's Meaningful Networking events are table discussions led by industry mentors. These discussions leave participants with tips, strategies, and connections to help solve business challenges, dissect industry trends, and achieve career goals. 

July's discussions delivered on these objectives, inspiring several ah-ha moments that left participants with actionable steps and reading recommendations that can be implemented to positively impact our days, careers, and teams:

• Penny McVay with Great American Insurance Group spotlighted Positive thinking and learning: If you think you can’t, you can’t… but if you think you can, you can! Penny shared the story of an NBA basketball coach and his approach to recognize and celebrate his team to success. She referenced two books Freedom Flight - The Origins of Mental Power and The Culture Code: The Secrets of Highly Successful Groups, and one mentee connected these ideas to the book The ONE Thing: The Surprisingly Simple Truth About Extraordinary. 

• Raquelle DeSimone and Julia Holocher of event-sponsor Brooksource led an exercise to help participants Own Your Day: Formula for Owning Your Profession based on the book of the same name: Own the Day, Own Your Life. The three-step exercise focused on defining a mission you believe in, describing how you work effectively, and owning your space. 

• Andrea Dale of To the Point Coaching and a W4T veteran, encouraged the mentees at her table to Strengthen their Influential Leadership Muscles by sharing her insights working with IT leaders. 

• Ashima Sharma with CareSource is a continued W4T supporter. In her discussion, Ashima encouraged mentees to Define Success for Yourself Before Setting Goals through what she has defined as the four p's - people, profit, purpose, and planet.

• And, Claire Rohan, TEKsystems Global Services, discussed Driving Business Value and Keeping the Customer at the Center of Everything You Enable, sharing several key takeaways including the move from solution-obsessed to outcome-obsessed; meeting people where they're at; and understanding that value is always determined by the customer. These lessons came from the book Pursuing Enterprise Outcomes: Maximizing Business Value and Improving Strategy for Organizations and Teams.

We think Lisa Austin of Great American Insurance Group summed up the event best when she said, "I wasn't sure I would be able to make it tonight; but I am so glad I could! This was a great reminder of how we as IT professionals contribute to our businesses, their vision and mission. The event and conversations were a great motivation to me with thought-provoking topics." 

If you haven't attended one of these events in the past, you're missing out! We look forward to you joining us at our next W4T event: 

Creating an Effective Business Case
September 16, 2022
8:30 - 10 a.m.

By: Kathy Vogler, Expedient Technologies

According to the US Bureau of Labor Statistics the rapid rise in women’s participation in the work force was a major development in the labor market during the second half of the 20^th century. In 2019, 57.4% of all women participated in the labor force¹.

It’s become normal for women to contribute to their families’ finances and fill jobs in the marketplace.  We celebrate these accomplishments. However, working women still face serious challenges that their male counterparts typically do not: motherhood and childcare, equal pay discrepancies, growth ceiling challenges with fewer leadership opportunities, and industry specific bias.

Currently only 22.3% of workers in the technology field are women.  A few other fields show similar statistics and a woman trying to make a career in these male-dominated industries must face these biases and cultures.

A simple search of LinkedIn Groups for “women in tech” results in over 1,000 offerings.  We are trying! My first female focused group experience was in 2013 with Women of Cisco and I’m proud of Technology First for creating Women 4 Technology in 2015.  A more recent group (2018) is CompTIA Advancing Women in Technology.  Women in this field understand the challenges. These groups bring together supportive women offering training, guidance, and mentoring. 

57.4% Overall – 22.3% Technology.  Why the disparity in these numbers?

Educators have been working on this issue for many years. How can we attract more young girls to choose a technology career?  “Start early!” shares Martha Taylor, Sinclair Community College Professor of CS&IT “Provide educational opportunities and career modules to K-6 grade teachers and counselors and bring to top of mind the IT career opportunities.  Create programming modules with hands-on projects that will start to build interest in IT for these young women.” And, from Kristin Friend, Senior Partner Development Manager Microsoft “Exposure, exposure, exposure! We need to make sure our STEM programs are designed for and marketed to girls of all ages with women mentors from the technology industry highly engaged with these programs.”

I attend a lot of technology focused jobs fairs and the number of young women attending and applying for available technology positions is dismal. Take a look at the crowd at the next technology event you attend, you’ll see the same.  A glimmer of hope is that the women who are working in technology are thriving and are willing to help others succeed.  The Technology First Peer Group Women 4 Technology currently has 66 active members and quarterly events. We are trying!

Intel’s 2021 Diversity and Inclusion Report ² shows their goal is to increase representation of women in technical roles to 40% by 2030.  Dr. Tarika Barrett, CEO of Girls Who Code hopes to close the gender gap in entry level tech jobs by 2030 ³ “It’s imperative for leaders to play a bigger part in this effort.  Women who do take tech jobs often drop out at age 35.  We need to focus on changing hiring practices and changing culture to sustain their careers and get deep and hardwired into the company DNA.  Sisterhood continues to shape the lives of women in tech who have been hidden or not recognized.  You’ll get stuck but you’ll have this team of support through the sisterhood that will carry you through into the workforce.  Be reflective of things that push you out of your comfort zone.  If you have a supportive organization or company, you’ll find that scaffolding you’ll need to sustain.”

Some important career lessons learned about being female in technology, “You have to demonstrate you have the knowledge to work in IT. It’s important to acquire skills and stay relevant in your field” shares Martha Taylor. And, from Kristin Friend “If you find a job opening that you may not have all of the skillsets per the post, it is ok, still go for it! Men do this all the time, whereas women tend to hold back until they feel they have checked all the requirement boxes. You want to find a job where you can leverage the skillset you have but can also grow and learn to advance your career.”

Women have come a long way but the fallacy persists that most women would rather not be techie. This change in mindset to offer technical opportunities to young women needs to come from parents, teachers, guidance counselors and course learning mechanisms.  To keep the women who choose this path from discouragement, change in mindset needs to happen with the C Suite, HR and employee culture committees.  Women bring strength through diversity and will positively impact technology given the opportunity.

We are trying!

1 Women in the labor force: a databook : BLS Reports: U.S. Bureau of Labor Statistics

2 Intel (Nasdaq: INTC) 2021 diversity and inclusion report - Bizwomen (bizjournals.com)

3 https://www.linkedin.com/news/story/girls-who-code-ceo-leans-on-sisterhood-5346636/

Technology First announces the election of two new members to its Board of Directors. The newly elected Board members are Karen Kauffman and Kevin Johnson.

Technology First’s Executive Director, Melissa Cutcher, said, “We are so pleased to welcome these two talented individuals. Their unique backgrounds, skills and experiences will make them great additions to our board and the organization”.

NEW BOARD MEMBERS

Karen Kauffman, Director of information Technology for Precision Strip Inc., which leads the industry in metal processing and technical capabilities. Precision Strip has grown to 15 locations throughout Ohio, Kentucky, Indiana, Alabama, Tennessee, and Michigan. Karen is passionate about innovation and supports Precision Strip as they continue their business through building locations and acquisitions.  

Kevin Johnson, Vice President of Information Technology

Wright-Patt Credit Union (WPCU) which is a not-for-profit cooperative, where members are owners of the credit union, and therefore share in a portion of the credit union's profits. Kevin supports WPCU by providing strategic and managerial responsibility for WPCU’s information technology division, including financial systems, data warehousing, technical services, IT Security, and Project Management Services.

Technology First Board Members

Officers:

Board Chair - Scott McCollum - Sinclair College

Vice Chair - Treg Gilstorf - Smart Data

Treasurer - Bryan J. Hogan - Afidence

Directors-at-large

Jim Bradley -Tecomet (Retired)

Diana Bolden - (Retired)

Paul Stoddard - Gartner

Matt Coatney -Thompson Hine LLP

Gary Ginter - Premier Health

Lisa Heckler - CareSource

John Huelsman - Hobart Service

Don Hopkins - Wright State University

Don Kennedy - Smart Data

J.D. Whitlock - Dayton Children’s

Paul Moorman - ND Paper (Retired)

Thomas Skill, Ph.D. - University of Dayton

Kevin Johnson - Wright-Patt Credit Union

Robin Poffenberger - Washington Centerville Library

By: Bill Baez, PhD, Vice President-Strategy, Ascend Innovations

Data scientists begin analysis by working to understand the people and data involved before turning any numbers into actionable, data-driven insights. Data science frameworks often begin with an initial step of “Business Understanding”, as seen in the Cross-Industry Standard Process for Data Mining and Microsoft’s Team Data Science Process. However, like many analytical fields, data science is often defined using a cold, precise tone, like this one from a recent CIO article:

“The goal of data science is to construct the means for extracting business-focused insights from data. This requires an understanding of how value and information flows in a business, and the ability to use that understanding to identify business opportunities.”^[1]

And while true, definitions like these often gloss over a fundamental aspect of these data-driven insights – the people using them.

While data science frameworks often focus on the need to understand the business, they lack an emphasis on the individuals faced with problems that require the data scientist’s expertise to solve. To provide great and effective solutions, data scientists must be willing to understand what their users feel about their problems. Data scientists need to first empathize with their clients.

A growing trend within data science is incorporating elements of design thinking into data science frameworks. Design thinking has long been used in product development and considers empathy to be the first step where researchers can get a better understanding of the problem users are trying to solve.

Data science is fundamentally a collaborative effort between you and those using your solution. Data scientists that foster a deep interest in understanding the people for whom their products are built, create more effective data-driven products and services than those that deliver a sound technical package. Data scientists must place the same weight on understanding their user’s needs as they do in feature engineering or picking the right machine learning model. Not seeing the problem through the user’s eyes can lead to weeks, if not months, of wasted effort creating a model or dashboard that is ultimately not used.

Historically, data scientists have focused on the technical aspects of a project to improve performance. Improved accuracy is only part of the equation when examining a product’s effectiveness. Increasing a model’s accuracy from 80% to 83% isn’t always the right metric to measure its impact on the problem you set out to solve. You want to find out how often that model or dashboard is being used and in what context. You also want to understand how much the decisions made by the models are acceptable to users, how to build trust in the results, and how your users identify value from your product. The answers to these questions will help data scientists develop solutions that are not only technically right but also effectively right for the people using them.  

Bill Baez, PhD, Vice President-Strategy, Ascend Innovations

Bill is currently the VP of Strategy at Ascend Innovations in Dayton, OH. In his role, he works closely with multiple departments to provide socially impactful, data-driven products and services to organizations trying to solve complex community problems.

^[1] https://www.cio.com/article/221871/what-is-data-science-a-method-for-turning-data-into-value.html

By Shawn Waldman – CEO – Secure Cyber Defense, Miamisburg, OH

I've been in technology for over 25 years, and one of the first things I did in 2009 when Cybersecurity was becoming a thing was to have an external firm evaluate my program. Considering that I didn't have a program back then, the results were very enlightening. I hired a firm that could look at me through a completely different set of eyes. They didn't know my company or me and came at the task differently. 

Let's look at some of the many reasons you would want to have this done. 

Insurance

First and foremost, we're seeing that many insurance carriers are explicitly asking you to have a 3rd party assessment to renew or obtain coverage. Unfortunately, this leaves the door open for interpretation of how the evaluation is carried out. We recommend using many mainstream compliance frameworks like the CIS Top 18 Controls, NIST 800-171, or the National Cybersecurity Framework. Depending on the maturity of your organization, you might also want to investigate the ISO 27000 set of standards.

Risk Management

When I'm talking to potential clients, one of the first things I usually talk about is that no business owner will decide about a significant move in just about anything without having good intelligence and information to support the action. Quite frankly, many company executives and managers are completely unaware of the Cybersecurity risk that might be present. A considerable benefit of the assessment process is that a seasoned and experienced assessor can pivot from the interview and look more profound for risk. What's the most common way risk makes its way into an organization? Change.

Getting a Fresh Look

Sometimes, it's just nice to get a second set of eyes on things to see if anything is missed or a different way of doing things. A natural reaction is to resist the need for an assessment because it can be seen as a threat or a sign of distrust. Quite the contrary, actually, in the over ten years I've been doing 3^rd party assessments, I can only count on one hand the number of times that someone took it that way. Most companies and IT staff welcome a second set of eyes, especially with Cybersecurity, since most IT staff don't want to take on that expertise.

Compliance Requirements

Maybe your organization is required to maintain a certification or requirement for you to perform a contract or business with a customer. In this example, CMMC/DFARS/NIST is a perfect model. Since before the requirements were ratified, Secure Cyber Defense has performed pre-assessment work in this area as the customer's advocate. Although the CMMC rules are in flux (recently reduced from 5 levels down to 3), it's important to monitor new contracts for CMMC notification levels. Until then, make sure you work with a trusted provider who can start working with you through the Plan of Action and Milestones (POAM) and help prepare the System Security Plans (SSP). We recommend all defense contractors continue to work on the DFARS/NIST compliance pieces as regardless of what CMMC does, those components will be required for the foreseeable future. 

Vendors/Customers Request It

Next on the list, you would want a 3rd Party Cyber assessment because vendors and customers may require it. It's not out of the question, and many of you have already been requested to have an external evaluation to keep those relationships. These requests generally surround the increased push for organizations to keep their 3^rd party vendors in check (i.e., CIS Control 15 covering service provider management). It's always good to keep a current external assessment on file; we recommend every year or every other year.

Light Threat Hunting

Something that we've been doing since the beginning has been doing what we call "light threat hunting." In the course of our assessment, we provide some threat hunts of known and documented threats (like log4j indicators) and communication with countries currently listed on the Office of Foreign Access Control (OFAC) list. Often, this can be a good indicator of a potential threat or evidence of one in history. As you are searching for 3^rd party assessment vendors, I would ask about.

Blow the Dust Off Your Policies

The policy is still one of the not-so-glamorous parts of managing an IT Department and a Cybersecurity program. Things like an Incident Response Plan, Disaster Recovery, and Business Continuity were all things that were not on the priority list year ago. That being said, we've come across many organizations that have policies but haven't been updated for many years. Assessors can look at the guidelines that you do have and provide some feedback on any changes that might need to be made to make them current.

C-Suite and Boards Take Note

Executives in the C-Suite and Boards need to note that not having an external look at your organization can often put you in a blind spot. Like I've said previously, it's not a trust issue, and it's the fact that you can get tunnel vision looking at the same things for many years. Like I've said earlier, this happened to me when I was managing IT. Only when I hired an external firm to look at my organization did I learn that there were processes and information I didn't have about new hardware/software solutions available.

Perform Regular Re-Assessments

As indicated in this article, we recommend getting regular assessments and rotating through providers at least every other year, much like you would with penetration testing. The idea behind this is that you will get a completely different perspective and process each time you switch vendors.

In Summary

This article has spent a lot of time discussing why you would need to hire a firm to perform a 3^rd party Cybersecurity assessment, and I've outlined many of the reasons we do them and some of the components that make up our service. Please spend some time interviewing the firm as one of the most valuable assets of an assessor is their background and experience and their ability to inject their years of expertise into your company.

About Secure Cyber Defense  

Secure Cyber Defense offers 24/7/365 threat monitoring services, Fortinet hardware, secure email, cybersecurity and compliance consulting, incident response services, and cybersecurity training for businesses and government agencies to protect company data from cyber threats. Offering both installed and "cybersecurity as a service" offerings, we scale custom solutions for any size organization. Secure Cyber Defense is a Premier Fortinet Partner.

Mardi Humphreys, Change Agent, Integration Edge

Tenacity is when we try something, but if it doesn’t work we try different ways to achieve the same goal. Here’s why and how we should develop tenacity on the job.

Why:

Tenacity is a hard ability to train, so tenacious employees earn the respect of both their managers and peers. Workers willing to do what is necessary for the business to endure downturns are the ones who get to keep their jobs. Successful people are tenacious. Doing hard things and seeing them through to completion gives us confidence. We develop mental toughness and keep going when others quit. Most people expect Plan A to work every time, but how often does that really happen? There are 26 letters in the alphabet. Let’s be unafraid to go back to a failed Plan A and revise it to make a Plan B, Plan C, or however many letters it takes to overcome the setback. Let’s learn how to not make the same mistake twice. Making new mistakes is much more fun.

How:

• Perceive failures as experiments: When we think we’ve spent all our energy and ideas on overcoming our obstacle, let’s give it one more try and change the input to achieve a better outcome. Often, the answer lies just beyond what we think we’re capable of.
• Set S.M.A.R.T. goals: We’ll filter our responsibilities through them. E.g., if we want to be the team’s SME for JavaScript, how do the tasks on our daily to-do lists get us closer to that goal?
• Identify a coworker as a friendly rival. We’ll find someone who is competing for the same promotion or the same client, etc., and use her as the bar against which we measure our work. Does she know Excel better than us? We can take an online class (many are free with a library card) to increase our knowledge. I call competing with someone who is on my team “coopetition.” (Think Group Round during Hollywood Week on American Idol). We strive to outperform this person because we admire her success. We can use this as motivational fuel to course correct when we’re struggling. This study says we succeed when our rival succeeds. We can learn from her mistakes as well as build on her successes.
• Jim Rohn said, “You are the average of the five people you spend the most time with.” Let’s hang out with tenacious people: professional groups, friends, family, and people with our job title from other companies. We can also read biographies of tenacious people and study what they did.
• Tenacious people are comfortable with being uncomfortable. If our fear of failure is holding us back, let’s do something about it. Let’s sift through the symptoms to get to the root. (Journaling may help us see it easier.) Then take baby steps every day to overcome it.

Tenacity comes through practice. The bad news is, this means facing adversity over and over again. The good (?!) news is, life gives us plenty of adversity to practice with.

Robin Poffenberger Support Services Manager, Washington-Centerville Public Library

Research indicates that people are more likely to use public libraries during childhood, early parenthood, and retirement. Hopefully, some of you have fond memories of attending story time as a child or parent! But what can libraries offer you during the career stage of your life?  

• Keep up to date with technology and business news using newspapers and magazines, available in both physical and digital editions. Many digital editions are always available, ready to read whenever and wherever you are.  

• Sharpen and grow your skills to advance your current career or start a new one. Use your library card to access thousands of free video-based trainings via LinkedIn Learning or Udemy on topics ranging from project management to Microsoft 365 Administration. These resources are also a great way for small businesses to develop their employees. 

• Need statistical information to provide justification for a new project? Statista has over 80,000 topics from over 18,000 sources combined in a single platform.  

• Our Reference Librarians can assist you in finding free resources including business-oriented databases to create customer lists, develop and gather competitive intelligence, and investigate industries. 

• Working at an international company? Improve communication with your colleagues by learning a new language using online language systems or mobile apps. 

• Catch up on new and best-selling business books. Pick up a physical copy using curbside pickup or download an audio copy to your phone and listen while you commute or exercise. 

Lifelong learning isn’t just about professional development. Studies show that we have fewer new experiences as we age, making time feel like it passes more quickly. Taking time for learning activities during your personal time also provides benefits such as helping your brain stay healthy and expanding your thinking. Libraries can help! 

• Enlist your friends and family and test your sleuthing skills with digital escape rooms from the comfort of your own home.  

• Learn new recipes or cooking skills using cookbooks and cooking magazines. Try traditional recipes from around the world using the AtoZ World Food online database or try regional recipes from the U.S. with AtoZ Food America. 

• Go back in time to research your family tree using genealogy resources such as Ancestry, Fold 3 and HeritageQuest.  

• Ready to buy a new car or try repairing your own? Check out Consumer Reports for reviews on new vehicles or tackle vehicle maintenance repairs with help from Chilton Library online. 

• Tackle those intimidating home improvement projects with Home Improvement Reference Center. 

• Plan your next trip with the help of the library! Get passports and passport photos, foreign language tutorials, travel books and more.  

• Learn to knit, crochet, scrapbook, decorate cakes and more using CreativeBug, an online video tutorial resource. CreativeBug has thousands of award-winning art and craft video classes taught by recognized designers and artists. 

If it’s been a while since you visited your local public library, stop in or visit us online to see how we can help you achieve your learning goals. 

Scott McCollum, CIO, Sinclair Community College and Chair, Technology First Board of Directors

Every IT organization has their “table stakes” products for providing security over their infrastructure. These are the products such as anti-virus, firewalls, and mail scanning gateways that have become ubiquitous and a part of every IT department’s budget. Beyond these common products there are other, more capable products that are implemented in order to address other risks that the organization feels are in need of mitigation. In addition to this inventory of products that have been implemented, I don’t think I’d be going out on a limb to say that every organization, regardless of size or the number of products that are used, has a list of products that they feel would improve their security posture. If this truly is the case, then how do organizations ensure that the products on their “wish list” address their most important vulnerabilities, and how do they get approval for increasing their spend for yet another product to eliminate their remaining vulnerabilities?

Sorry if you thought I had the answer to this most important question. Unfortunately, the number of vulnerabilities in an organization’s infrastructure are numerous and caused by many different factors. Some are due to bugs in the particular software that the organization uses, some are caused by flawed operational procedures of departmental users, and some are due to misconfiguration of systems. My point is that these issues will always exist and we can’t expect our budgets to continually grow to add more security products. In addition to the vastness of areas where vulnerabilities exist, we are faced with ever-tightening budgets that were already hard to justify increases in prior to the world-wide pandemic that has increased technology support costs while decreasing revenues.

While we can’t eliminate all vulnerabilities, we must identify those vulnerabilities that pose the greatest risk for the organization and focus on these areas for process improvements and technology acquisition. In some cases this means repurposing of our resources, due to the lack of being able to justify additional funding. This repurposing can manifest itself in many ways. One way to repurpose resources is to eliminate products that don’t attack the greatest threats or to acquire a new product that provides these capabilities in addition to other unmet needs. Another strategy is to implement unused functionality in products that are already owned, but under-utilized. In addition to repurposing tools, there are also opportunities in many cases to repurpose personnel to focus on security functions and to work on improving processes and managing security products.

The first step to being able to repurpose your security assets is to take an inventory of your environment for all resources that relate to security. This can be hard to do because there are some products that provide security, which are not exclusively security products, such as Microsoft 365. Once you have a total picture of the security inventory you can understand the security spend for your organization and where you might have an opportunity to repurpose resources. Identifying the risk that each of your products addresses allows you to map your “wish list” of additional security capabilities and determine how you might be able to perform any necessary repurposing before you make that much more difficult attempt to justify new funding.

Upskill your workforce with TechCred.

No matter what industry you work in, technology is having an impact on the future of your business and the nature of your work. TechCred helps Ohioans learn new skills and helps employers build a stronger workforce with the skills needed in a tech-infused economy. Many of these trainings can be completed online!

The TechCred application opens on January 3, 2022 and will close on January 31, 2022 at 3:00 p.m.

Businesses applying for TechCred are required to list their Supplier ID Number on the TechCred application. To register as a new supplier or update an existing account with the State of Ohio, visit https://supplier.ohio.gov and follow the prompts until completed. Once this information has been approved, you will receive a ten-digit State of Ohio Supplier ID number.

Beginning with Round 12 (January 2022), the following changes have been incorporated into the TechCred program:

• Training for approved credentials must start on or after the Effective Date of the Grant Agreement and must be completed by the End Date of the Grant Agreement. The Effective Date of the Grant Agreement will be the first day of the month immediately following the last application period. Costs incurred by the Applicant prior to an award of eligibility and an executed Grant Agreement is done at the Applicant's risk.
• TechCed Grant Agreements will be incorporated as part of the TechCred application. Upon receiving an award announcement, awardees will be directed to log into their application to provide an electronic signature certifying and acknowledging the Grant Agreement, Terms and Conditions, and the Program Guidelines.

https://techcred.ohio.gov/wps/portal/gov/techcred/apply