Improving CA’s Cybersecurity
It’s no secret that we’re all living in an increasingly digital world. On top of that, we’re hearing more and more about cyber attacks that can put the personal, confidential information of consumers at risk. It takes a lot of effort and expertise to protect the data and personal information of everyone who does business with CA.
We think it’s important for you to understand some of the behind-the-scenes work of CA’s small but mighty IT team is doing under the leadership of Director of Information Technology Armsby Carbon.
According to Armsby, we’re only as strong as our weakest link — especially because almost 95% of cybersecurity breaches are due to human error.
That’s why one of his biggest priorities is cyber awareness training for CA’s team members, alongside a strategic effort to improve CA’s customer-facing business processes.
“These priorities on both the technical and business improvement side are meaningful on many levels,” he says. “It’s all about being able to offer a level of reassurance to team and community members that we are doing our due diligence to protect them and improve their user experience.”
Here’s more on how CA’s 11-strong IT team is working to enhance cybersecurity.
Cyber Awareness training
In February 2022, the IT team began working to implement a program called the National Institute of Standards and Technology Cybersecurity Framework (known as NIST CSF), which defines controls and best practices on information security. This includes quarterly cyber awareness training for CA team members. The goal is to implement the majority of the NIST Cybersecurity program over the new fiscal year.
“Equipping our team members to recognize and report threats and attacks is so important to mitigating risk,” says Armsby. “We’re focused on consistently training our team to recognize some of the malicious ways that bad actors try to compromise our systems.”
The NIST CSF implementation also involves standardizing and maturing our security program to better secure and protect information assets, users and the organization from global bad actors.
“The NIST framework helps us get a better view of where information assets sit, who has access and how we can protect it,” says Armsby. “This is a significant effort and goal for our team. It shows a high level of rigor is being pursued in an effort to continually adjust to evolving threats. We’re taking a holistic and standardized approach — nothing is ad hoc.”
Business process improvement efforts
On the business improvement side, Armsby says the priority is completing two phases of what’s known as the Customer Relationship Management (CRM) modernization effort.
- Phase 1: Deep dive into reviewing CA’s customer-facing business processes to identify gaps and future requirements that will drive improvements to the CRM platform that constituent members and staff utilize to engage with CA services.
- Phase 2: Solicitation of the best fit solution that addresses CA’s CRM needs to better service constituent members and business processes in a modern, accessible and intuitive way.
The IT team is taking a collaborative approach to this project, partnering with CA’s Community Programs and Services department to create a cross-functional project team. The goal is to discover ways to improve member experience, facilitate ease of access and modernize the platforms and technologies used to deliver services that CA provides to both internal and external constituents.
In other words, Armsby and his team are evaluating systems that make it safer and easier to do things like book a class, register for summer camps or make a transaction with CA.
“I love working for an organization that doesn’t rest on our laurels. I’m fortunate to have a process-oriented team who truly cares about being successful and supporting CA in a meaningful way. We’re always striving to improve, and I’m very excited about the progress we’ve already seen from this year’s initiatives.” -Armsby Carbon