Learning to Lead
Leadership means responsibility. Accountability for every decision, no matter the outcome. As times change, to remain competitive, companies must develop leaders who will change with them.
Being stuck in the status quo in world that’s facing a changing economic, legal, and technical environment puts a company at risk. Not just of being left behind, but no longer able to build their market and retain their customer.
Emerging leaders must be identified and developed. Not by title or role, but by capability. Critical thinking, problem-solving, willingness to chart a credible path for the future. These are the next generation of leaders.
We will prepare them.
Emerging Leadership Development: Workshops to build the next generation of leaders for their role. Facilitated discussion, leadership definitions, and skill training. We developed an online game to teach the impact of decision-making.
Risk Assessment: Risk is an intrinsic part of operating a business. Companies need to be equipped to assess and recognize acceptable risks versus those that need to be avoided or mitigated.
Team Building: Strong teams are the workforce that empowers a leader’s vision. Cohesion, collaboration, and communication are the skills that improve problem-solving.
Building Your Vision: Every company must have a vision of where they’re heading. The organization builds cohesion by making it actionable at all levels of the company. Metrics and measures should be set to monitor success.
Every day we hear of another violent attack in a public space, a place of worship, a store, a school, or a workplace. Those are just the ones we see happening.
Extremists used to be limited to foreign nation-states but domestic terrorism is on the rise. Outside the public eye attacks on critical infrastructure, the food supply, and the electric grid are rising. Our dependence on technology is an opportunity for state-sponsored cyber-attacks and other bad actors.
Some threats are apparent – we see them on the news. Others like the global COVID pandemic catch us by surprise. That surprise cost the economy billions.
Preparedness is not paranoia. Bombs, mass shootings, damage to the grid, sabotage of an undersea internet cable, or ransomware attacks – sadly these are times we’re living in.
Threat analysis and risk mitigation are what we have to offer.
Threat Environment Analysis: Evaluation of the threat conditions related to your business and geolocation is the first step in targeting a mitigation plan. We use a customized SWOT Analysis to summarize in an Executive Summary, with a detailed final report.
Executive Threat Education: Many companies perceive threats as a specific attack on their property or systems. This limits their ability to prepare for external events that can have a devastating impact on business operations. This workshop looks at possible threat scenarios, with recommendations for a proactive response.
Response Plan Assessment: We review existing threat response plans to identify gaps and resources to support the response. We also build response plans for active threats. Exercises or simulations are used to test the plan.
Situational Awareness Training: Assessing the environment, in and around the workplace is a learned skill. If “See Something, Say Something” is to be helpful, there needs to be a shared understanding of how to pinpoint suspicious activity. Where to share that information needs to be clear and people who report (even if it’s not relevant) need to be supported.
Great things in business are never done by one person. They’re done by a team of people.
Most businesses and social environments have limited systems to secure their space. Offices typically have tighter controls than a church or a farm. But many have no way to identify who’s in the building or even to quickly know who belongs in the building.
Without that knowledge, far too many scenarios can play out unhindered. Imagine a security breach by an active shooter or a bad actor committing corporate espionage.
Security threats can be from external sources, a disgruntled employee, or a terminated former employee. Despite increasing workplace violence, staff may not be equipped to challenge or report someone who shouldn’t be in the building.
Parking lots, public spaces, file rooms, and any office that has paper copies of intellectual property should be secured.
We focus on strengthening controls to increase prevention.
Onsite Security Review: It’s important to visit your location and see how traffic flows through it. We evaluate conditions, meet with leadership to get their perspective and review existing security procedures. The deliverable is a report on findings and recommendations for additional action.
Security Exercise: We test the controls in building by designing an exercise to see the response from people in your space – paid personnel, guests, and customers. The objective is to find issues, reduce chaos and mitigate risks.
Violence Against Women at Work: Female leaders and staff face gender-specific threats. This workshop helps to teach them preventative measures and encourages the importance of making a report.
Plans & Policies Review: Prevention is the first tenet of keeping your business secure and mitigating liability. We review existing plans for gaps or workarounds and recommend revisions to strengthen them. If no plans are in place, we will work with you to develop documentation.
Cybersecurity should a top priority for all businesses, government agencies, public facilities, and utilities. Do not assume your company is too small to be hacked – bad actors just consider you an easy target.
Ransomware attacks continue to rise, particularly in the healthcare and financial services industries. The cost can be as high as $499 per record, and that’s before the lawsuits, loss of revenue, customers, and reputation.
Minimizing cyber attacks begins with educating employees at all levels of the organization. Employees need ongoing training to avoid common cyber scams. Decision-makers must create policies and procedures that demonstrate the company’s intent to protect against attacks across every division, from HR to IT to Legal.
Proper controls on how the system should be used can be established by IT administrators. Limiting remote access, removing dormant accounts, and eliminating access to personal email or social media accounts is standard practice.
We look for the back doors and help plug the gaps where a breach begins.
System Security Review: Our work begins with a map of users, stakeholders, partners, and vendors connected to your system. We start by evaluating internal protections, including malware, training schedules, and preventative documentation.
Vendor & Partner Cyber Preparedness: One of the largest breaches in the healthcare industry started from a third-party payment processor. We review policies, procedures, and any history of breaches by companies with access to your system.
Ransomware Protocols: This is an analysis of the company’s capability of maintaining business operations if access to your system becomes unavailable. Paper protocols, stolen data, backups, and more techniques to protect your company.
Executive Cyber Education: We conduct workshops for non-technical decision makers to help them better understand the threats and how to mitigate the risk.
Cyber Simulations: Phishing is the number one tool used by hackers. We set up a simulation of a phishing email and a spoofed website to test employee response.
We can’t solve problems by using the same kind of thinking we used when we created them.
We align the majority of our training catalog with our other service areas. Each module is carefully customized to different levels within the organization – leadership, managers, and staff.
We also offer training for small businesses on process improvement, managing change, and winning proposals. We help educate clients on doing business with the federal government, and particularly the Dept of Defense.
We believe effective training must be reoccurring, particularly in areas related to protecting the company, its buildings, systems, data, and intellectual property. We recommend a quarterly cycle to keep everyone focused on security priorities.
We offer training packages that bundle together different prevention and protection curriculums and include quarterly schedules.
Our training can be delivered in person or remotely based on the client’s preference.
- Securing Physical Assets
- Cyber Security: Protection & Prevention
- Situational Awareness
- Active Shooter
- Emergency Preparedness
- Crisis Response Protocol
- Problem-Solving Approach
- Leadership Skills
- Decision-Making Process
- Change Management
- Process Improvement
- Working with the DoD
- Proposal Management
There’s nothing sexy about writing documentation…until you find your business in the middle of a disaster or a liability lawsuit.
Creating sound policies and protocols to prepare your business, physically and financially, is a level of protection for everyone involved. Documents should be reviewed quarterly or bi-annually for changes in scope or updated circumstances.
Documents created, reviewed, and approved should be shared with relevant decision-makers and staff as relevant. This demonstrates the company’s intent to educate the organization on proper procedures.
We help craft concise, actionable documentation for business operations.
Emergency Preparedness Planning: We offer bundles of documentation that fulfill all the recommendations from NIMs. Particularly helpful for companies working with the federal government.
Security Protocols: If you don’t have policies and procedures for protecting your on-the-ground assets, we will develop them.
Operational Resilience: Far too many small businesses are destroyed by disasters, natural or man-made. Proper planning can help reduce the impact and keep companies in business.
Safety Procedures: Clear, simple, step-by-step directions to avoid accidents and reduce workman comp lawsuits.
Cyber-Security Response Plan: Cyber attacks are among the biggest threats to companies today. A step-by-step plan for responding to a breach or ransomware will help the company recover.
Foxhole Consulting LLC is a veteran-owned and operated firm in North Carolina. Our services include leadership development, rising threat assessment, cyber security, on-ground security, training, and business readiness documentation. We welcome the chance to partner on bids and contracts.