The Time To Review Cybersecurity and Disruption Plans Is Now

If you haven’t done so already, it’s time to make sure you’re as prepared as you can for disruptions to digital platforms because of cyberattacks resulting from events unfolding in Ukraine.

To a large degree, there’s only so much you can do and while the risk to arts and culture organizations being targeted deliberately is low, the systems and platforms they rely on are much higher priority targets. At the most basic level, groups would be wise to consider the following:

  1. Confirm critical data is backed up.
  2. Reset account passwords for email, websites, social media platforms, and other digital providers that are 12 characters or longer. Use upper and lowercase letters, numbers, and special characters. Update them monthly until tensions subside.
  3. Ask your web developer and/or hosting provider to block all incoming traffic from countries other than those responsible for the lion’s share of legitimate traffic. Most reputable providers can put “block only” or “allow only from” rules in place.
  4. Use two factor authentication or similar added security measure (biometric, Yubikey, etc.) where available.
  5. Keep a very close eye on your websites and email clients to make sure they are not compromised and being used to spread malware or misinformation.
  6. Review how employees can identify phishing attacks (they have become remarkably more sophisticated in the last six months).
  7. Make sure company owned mobile devices are running the latest version of its operating system.
  8. Confirm key employees have a communication strategy if email service is unavailable.

About Drew McManus

"I hear that every time you show up to work with an orchestra, people get fired." Those were the first words out of an executive's mouth after her board chair introduced us. That executive is now a dear colleague and friend but the day that consulting contract began with her orchestra, she was convinced I was a hatchet-man brought in by the board to clean house.

I understand where the trepidation comes from as a great deal of my consulting and technology provider work for arts organizations involves due diligence, separating fact from fiction, interpreting spin, as well as performance review and oversight. So yes, sometimes that work results in one or two individuals "aggressively embracing career change" but far more often than not, it reinforces and clarifies exactly what works and why.

In short, it doesn't matter if you know where all the bodies are buried if you can't keep your own clients out of the ground, and I'm fortunate enough to say that for more than 15 years, I've done exactly that for groups of all budget size from Qatar to Kathmandu.

For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, keep track of what people in this business get paid, help write a satirical cartoon about orchestra life, hack the arts, and love a good coffee drink.

Related Posts

Leave a Comment