Reflection Paper

Guest Speaker Reflection

Instruction here:

Note!!!!!: This is a reflection assignment on In class guest speaker lectures. Please summarize a writing based on the eflection articles of my seven classmates below. Please do not excerpt the original sentence, must use your own words. Based on the example given, imitate a reflection work that belongs to me. 300 words as total

Example here:

Student 1:

Matt's presentation was very insightful, especially since I'm also interested in pursuing a consulting career.

Firstly, I learned that in the cybersecurity consulting field, companies nowadays are shifted from doing check-boxes to cutting unnecessary losses from poor cybersecurity management. Cloud security has been one of the most widespread concerns across companies. And there are four significant steps in cyber security strategy development: discover, design, deploy, and optimization. What's interesting about consulting is that conducting a practical and efficient implementation plan is just as important as coming up with the most suitable strategy. Nowadays, leading consulting companies have to provide a one-time solution and have to make sure the solution is continuously adaptive to their clients. As a result, a good consultant should be aware of multiple operational knowledge in terms of the technology, policy, budgeting, and people being assigned. One very entering point Matt mentioned afterward is having the ability to translate technical issues into a language that your clients can understand. 

In addition, it is also possible to transition from an investment baker to a consultant if you are a quick learner, solution provider, and analytical thinker. I really like a phrase Matt shared with us at the end of his Q&A session: "your job is what you do from nine to five, but your career is what you do all the other times." The key is to keep educating myself to be more prepared for the career I want to pursue.

Overall, I really appreciate having this opportunity to listen to the experienced insights from consulting industry. 

Student 2

The guest speaker, Matt Franko, gave us a lot of useful information, ranging from the real case about information technology risk management to the career path.

Firstly, Matt emphasized the importance of CIOs, who can provide expertise or resources. This will help the company to rapidly accelerate its cybersecurity program.

Besides, Matt mentioned cloud security. Coincidentally, in my last discussion on "Risks Related to a Tech Transformation Area", I also studied the evolution of cloud computing. Therefore, I am really interested in this topic. Matt said that a lot of regulatory standards are coming down around information protection. “Identify and Access” is becoming a key area, especially since more and more enterprises are using cloud computing. In today’s mobile, digital, and cloud world, all identities can become privileged under certain conditions. If not properly secured, they can open doors for attackers to execute increasingly targeted attacks.

Also, Matt, Shahryar, and Roota talked about the career path, which is really helpful. As a student with a financial background, this conversation showed me the direction of my future career if I wanted to become an information technology risk management expert. At the beginning of his speech, Matt mentioned that he majored in broadcast journalism during his undergraduate study, which gave me great encouragement and made me confident to transform from a student with financial background into an expert in the field of cybersecurity.

Student 3

From Mr. Matt Franko's speech, I learn about what do cyber security consultants do and the process that RSM use to help their client create a cyber security strategy. What impressed me most is that he said cyber security is a business problem and a business's goal is to make money. So the cyber security consultant is there to make sure that businesses understand the risks that they are undertaking and they are here to help design the path from now to the point the company wants and in the meanwhile design the mitigation strategies to reduce risk. They also help to educate the company on decision-making that to either accept or transfer the risk. Mr. Matt has also presented the 4 steps and 8 different areas of cyber security programs. Mr. Matt gave us some advice about what the company is looking for when they are recruiting college graduate students. Having the ability to ask good questions and a business mindset with strong business acumen is important. He also shares his work experience and told us the difference between working in a small company vs. a large company. The main difference is engagement and career growth, also when working in a small company he thinks he gets more opportunities to learn. Finally, he shares the career path we might have with us.

Student 4

Overall it was a great experience to have Matt Franko share his experience in cyber security with us on Tuesday. There were a few things I’ve learned including the cyber security framework, Matt’s career path as well as his professional advice on particular topics.

I thought it was interesting that Matt had worked in many different jobs in his career and that enabled him to project ideas and share insightful perspectives in various fields. It was mind blowing when he mentioned about the diversity of industries that he’s delved into so far.

Cyber security is a big issue that revolves around three aspects: people, process and technology. Matt walked through the handy framework for both business and security needs. When that knowledge is applied to anything in security such as a firewall, it would totally explain everything in relation to it. To put it in another way, a firewall can either be software or hardware which means it is a technology appliance. The system administrators that are operating the firewall are the people aspect of security. Lastly, process refers to the way the firewall is managed and set up. Key steps include discover, design, deploy and optimize the action plans and the whole cycle can be divided into 8 buckets.

Additionally, Matt provided some networking advice and techniques to stay connected with professionals in the field. Being proactive and keeping up with documentation skills play an important role as we develop further. Matt also mentioned that the experience in corporate America gives sheer opportunities (e.g. engagement teams) for individuals’ career development versus small organizations.

Student 5

First all, really appreciate Matt Franko’s time spending during the class on Tuesday. He gave us insightful information on cyber-security consultant in reality and related career path in consultant.

In the real world, the framework of cyber-security consultant consists of business and digital transformation, optimizing operation, changing compliance landscape and building resiliency. Matt shared his own interesting experience to further explain the framework to us. That is, in nowadays, when we doing the consultant, we first try to figure out what the business is doing, what are the business drivers, what are the business initiatives that are taking place. And how are those matters causing cyber security impacts and then help the companies figure out their own cyber-security construction plan.

At the end of Matt’s speech, he gave us some useful suggestions on course learning and career planning. Not everyone in the cyber-security consultant field has the same education background. Working is only a very small part of our life, however, career is a long term goal we need to achieve in the long run. Information exchanging and talking with different people is quite practicable. Talking with others and connecting with them is one way to improve ourselves in the career life.

Student 6

I find Matt’s presentation very helpful in providing the insight into how the cybersecurity frameworks are applied in the business setting. For example, the discover, design, deploy, optimize diagram Matt mentioned has some essential elements that are similar to the NIST cybersecurity framework, with the emphasis focused on how to help businesses develop a cybersecurity program that meets their needs and risk appetite. To be specific, I find the discovery aspect of the framework a very crucial step, as it helps businesses to identify the current state of their cybersecurity framework, what their desired state is, and develop a roadmap to get to the desired state. The process has to be tailored to the nature of the business, and much attention is focused on figuring out the business drivers and initiatives, and how are they impacting cyber security. Moreover, the roadmap also needs to be tailored to the business, helping the business understand how they can reach the desired state by managing their technology, budget, and people. I also find it interesting that Matt mentioned business acumen and the ability to keep learning and asking good questions as important qualities of being a successful consultant. I totally agree that these qualities may also be important for other career paths different from consulting. From the risk management processes I learned from other classes in the program, these qualities are very crucial for understanding the businesses, understanding their risks, and helping businesses to manage risks appropriately.

Student 7

Thanks for the guest speaker Matt Franko in RSM show us the field of cyber security consulting and IT risk management.

The most important that I remember in Matt’s speech is that cyber security is a business problem, but we don't have to worry about things happening, but understand the applications and have a plan for addressing them. Cloud security is an issue facing by many organizations today. Mr. Matt introduced us to four cyber strategies - discover, design, deploy, and optimize, which help the business to implement the program and work effectively. Also, Mr. Matt mentioned 8 buckets, that is the 8 different areas of a cyber security program for management to execute. From Mr. matt's presentation, I learned about the different roles of each department, and how important the cyber security in the business.

From the Q&A section, I learned the tools that we may use in the future career, the ability I need to improve, the brief understanding of a cyber security team, and the future market of cyber security. Cyber security is becoming more and more important in today's society and daily communication. It permeates every corner of our lives. The description what Mr. Matt said totally bring me more interested in the cyber security field and help me know about the practical skills that we may not learn from class.

Generally, I really appreciate Mr. Matt may come to class and do a cyber security presentation today. These contents bring me a better understand to IT risk management, and help me know more about the working process in an organization.