Can you guess who just Celebrated 15 Years at CC Pace?
One of our very own just celebrated this big milestone and rather than just giving you the 411 on it all, we’d like to change things up a bit and play a guessing game with you! If you’d like to play along keep reading, and no peeking at the pictures below. So, can you guess who it is? No? Well it is probably a bit hard given that CC Pace’s employees have an average tenure of 12+ years of service, so we figured we would give you some other clues to help you narrow down your guess:
Clue #1 – This person is a favorite amongst both those of us as CC Pace and our clients.
Clue #2 – This person speaks fluent Russian.
Clue #3 – This person recently obtained their AWS Practitioner certification.
Clue #4 – This person has musical talent and plays the bass.
Clue #5 – This person is also a skilled tennis player.
Still haven’t figured it out? then let’s keep going… Joining CC Pace in 2004, this person was part of the mortgage technology offering LOS Advantage. After working on various projects for us, they began working at the Municipal Securities Rulemaking Board (MSRB) on the EMMA product, and have been there for over 10 years. During their time at MSRB, they have been consistently praised for their ability to deliver what is asked of them, and always delivering on time.
Need another hint? Now our team lead at MSRB, they constantly work on building their technical skills, learning and adapting to different methodology frameworks, and working very well with people (seriously, everyone loves working with this person). The leadership at MSRB epitomizes the type of client partnership we strive for, one built on value, trust and all-around success, and is due largely to this individual.
Ready for the big reveal??
Please join us in congratulating Leo Belenky for his 15 Year Anniversary at CC Pace. Our president, Mike Gordon presented Leo with his service award and highlighted how his hard work and dedication are vital to the success of our organization. Thank you Leo, for 15 wonderful years of service! And, to our readers, thank you for playing along!
I recently attended a Data Connectors Cybersecurity strategies conference in Reston, VA. Companies practicing various security solutions had speakers’ sharing knowledge about security threats that are currently affecting the market and how to protect an IT organization against such attacks. Interestingly, Sophos speaker Paul Lawrence (cybersecurity sales engineer) discussed Ransomware as a Service (RaaS) and how to protect against these attacks. Below you will find the high-level information that I gathered in this conference which I feel will help others who are unaware of this threat.
P.S. – This is just an informatory blog on what RaaS is and how to prevent IT organizations from this attack.
What is Ransomware as a Service?
In layman’s term, RaaS is an unusual type of software as a service provided over the internet by criminals to attack IT systems and get paid ransom for it.
In 2018, 53% of the organizations were hit by ransomware and 1/3 of them paid ransom to recover from the ransomware attack.
How it works?
Suppose I am the bad guy who wants to hack machines, data, information but doesn’t want to reveal the identity and, I want to get paid ransom for hacking.
I can use RaaS (Ransomware as a Service).
I need to register my account by providing the bank details where I want to be paid the ransom. All my information that I provide to this service platform will be safe and it won’t be tracked (presumably).
Next, I download the viruses from this service platform and start infecting machines. Once infected, I can provide details about where they can pay the ransom to recover from the attack.
Now anybody can be a hacker using this RaaS service since malicious actors have created various models to attack any IT system. All you need is to follow the guidelines they provide with step by step details.
How do RaaS providers make revenue?
They will collect ransom from the organizations or individual vendors who were attacked through RaaS account payment system. Once they get paid the full ransom, a share of that money goes to the criminal who initiated this account payment by registering for this service.
Basically, a win-win situation for both the RaaS provider and the malicious actor who used this service to attack the IT system of the organization or individual vendors.
Types of Ransomware attacks
- Traditional ransomware attack: The attack is automated and doesn’t need manual intervention. It can spread rapidly across the globe. WannaCry is the most widely known traditional ransomware variant that infected nearly 125,000 organizations in over 150 countries.
- Targeted ransomware attack: This is a well-planned manually targeted attack by attacking the network and computers on the network. RobbinHood variant was used in the Baltimore ransomware attack which compromised most of Baltimore’s government computer systems. 13 bitcoins was the ransom demanded to unlock the computers.
Prevent from Ransomware attacks
Ransomware attacks are getting more targeted. One of the primary attack vectors for Ransomware attacks is Remote Desktop Protocol (RDP)
- Lock down RDP
- Use Strong passwords.
- Do not disable Network Level Authentication (NLA), as it offers extra authentication level.
- To learn more, please go to Malwarebytes Labs.
- Patch to prevent privilege elevation
- Limit the users to those that really need it
- Secure your network both from the outside and inside
- Disaster Recovery plan or Aftermath of an attack
- We need to ask this question to ourselves “Do we really need remote access?”
Selfie taken at the Data Connectors cybersecurity event 😊
Are you a seasoned Agile Practitioner interested in expanding services beyond yourself while providing strategic guidance to a variety of clients?
CC Pace is currently looking for a dynamic Agile Thought Leader who is ready to make an immediate impact and drive our Agile transformation services. The ideal candidate is local to the DC metro area, is comfortable making decisions and implementing innovative ideas. CC Pace will provide a flexible working environment and support interest in growing a personal reputation in the global Agile community, in addition to a competitive, comprehensive suite of benefits.
What will an Agile Thought Leader at CC Pace do?
- Set the direction for our Agile transformation services, drive strategic imperatives, define Agile offerings, establish priorities and grow our Agile business
- Represent CC Pace at conferences, through independently orchestrated thought leadership and by guiding client engagements
- Provide strategic guidance to clients through enhancing, producing and delivering Agile training and coaching both in person and via alternative delivery modes
- Build and mentor a team of consultants to deliver the services both with internal staff and business partners
- Define and brand CC Pace while developing new relationships in the Agile community
- Current certified Agile credentials or equivalent level of experience
- Strong communication and presentation skills – must be versed at public speaking and a capable writer
- Proven experience leading Agile engagements, including developing training materials and coaching at both the enterprise and team level
- Ability to demonstrate leadership experience in IT delivery, including building and sustaining high-performing teams
- Strong leadership skills that will support setting the direction for our Agile practice, managing a team of resources and driving the Agile offering and delivery strategies
- Ability to provide ample thought leadership to further our footprint in the Agile community
- Strong business acumen that will assist in supporting the sales & marketing efforts involving Agile transformation services
At CC Pace we have a strong referral program and encourage not only our employees but even those who don’t work for us to take advantage of it – so if you know someone who would be a fit for this position please refer them!
For more information regarding this Agile Thought Leader position, please contact Rechelle Card, firstname.lastname@example.org
For CC Pace’s 2nd quarter community outreach event, we collected personal care items in support of the Katherine K. Hanley Family Shelter (KHFS). KHFS is located in Fairfax, right around the corner from our office!
Thanks to everyone who participated. We were able to collect and put together “Care Kits” for 15-20 children, 10-12 women and 10-12 men. These Care Kits were comprised of items such as tooth paste, shampoo, conditioner, body wash and a tooth brush. These items will go to the families and individuals in need at the Katherine K. Hanley Family Shelter.
KHFS opened in 2007 and was the first emergency shelter in Fairfax County to adopt a rapid re-housing approach – an approach that was so successful, it has been incorporated into all emergency shelters in Fairfax County. Currently, KHFS houses 72 people, 45 of which are children. KHFS is part of the Shelter House organization.
Shelter House is a community-based, non-profit organization that provides crisis intervention, safe housing, and supportive services to homeless families and victims of domestic violence in our community. Shelter House was formed in 1981 as a grassroots responder to the homelessness crisis in Fairfax County. Shelter House is comprised of 3 emergency shelters: the Katherine K. Hanley Family Shelter, Artemis House and the Patrick Henry Family Shelter.
In the past year, across all programs, Shelter House served over 2,300 individuals, more than half of which were children. Of the families that exit Shelter House, nearly 70% move to permanent housing.
Thank you to everyone for your support and participation!
If you would like to learn more about Katherine K. Hanley or Shelter House, follow the link below:
There is a great team of people who work at CC Pace. We took a few minutes to get up close and personal with George Perkins, Ron Peterson and Suzie Wheeler, three of the people whose roles are front and center with our clients and candidates.
George is a Practice Manager who has just celebrated his 25th anniversary with CC Pace. George is responsible for the management of several of our client accounts and staff augmentation services. His primary focus in on the financial services and healthcare industries. Always the jokester, George is never one to miss the opportunity for a good one-liner during a meeting! Connect with George on LinkedIn.
We asked George some questions, and here’s what he had to say:
- Do you participate in some community outreach you would like to highlight? At CC Pace we believe in giving back to the community and participate in multiple events each year. Over the past few years I’ve been involved with the Ronald McDonald house, Homestretch’s backpacks for school kids, and sponsoring local families for Christmas. Also, I enjoy helping out with the local animal shelter.
- What professional groups do you belong to and what professional events do you attend? I attend NVTC events, Agile DC, and belong to WARN (Washington areas recruiters’ network) and ASA (American Staffing Association). I also represent CC Pace at job fairs and other IT conferences.
- What is your favorite…
- Food? Almost anything Asian, love the spices.
- Movie? Pulp Fiction and American Beauty
- Book? On the Road
- Team? Redskins
- Quote? “It’s just a flesh wound”
- Dog or Cat? Dog
- If you could do Carpool Karaoke with any singer living or dead, who would it be and why? Neil Young, I love his music and would be interested in talking to him about the days living in Laurel Canyon in the mid/late 60’s when all the great music/musicians were hanging out there.
Ron is our Senior Practice Manager for Federal Business Development. He focuses on building relationships and networking with government agencies on the local, state and federal level. Ron is probably one of the most easy-going people in the office. His calm demeanor and willingness to help out make working with him a true pleasure. Connect with Ron on LinkedIn.
So, Ron, tell us …
- Do you participate in some community outreach you would like to highlight? For 30 years, I have been volunteering in Federal and State prisons and local jails. Currently I am volunteering at Fairfax County Adult Detention Center.
- What professional groups do you belong to and what professional events do you attend? I belong to ACT-IAC and National Contract Management Association (NCMA). I also attend various conferences and industry events representing CC Pace.
- What is your favorite…
- Food? Seafood
- Movie? The Invisible Guest
- Book? The Bible
- Team? Yankees, Giants, and Golden State Warriors
- What is your hidden talent? Chess and Bid Whist (Bid Whist is an exciting, popular partnership trick-taking game. It is played with a standard 52 card deck plus 2 jokers, for a total of 54 cards).
Suzie is our Talent Acquisition and Recruiting Manager. She is responsible for the on-going strategy to find employees for the company with specific skillsets and recruiting for our clients’ technical positions. Suzie is always smiling, happy and has a pep to her step. She brings her positive attitude and enthusiasm to the entire CC Pace team. Connect with Suzie on LinkedIn.
Other fun facts about Suzie are:
- What professional groups do you belong to and what professional events do you attend? I belong to Women in Technology, SourceCon, and Project Save. I attend multiple events for various technical meet-up groups in the DC area, technical job fairs and agile conferences.
- What is your favorite…
- Food? Mexican, Maryland Blue Crabs, Spicy foods
- Movie? It’s hard to say just one, The Bucket List, Pay it Forward, The Notebook, Green Book
- Book? Disclosure by Michael Crichton, and The Secret by Rhonda Byrne
- Team? Dallas Cowboys and University of South Carolina teams
- Quote? “In the midst of movement and chaos, keep stillness inside of you” ~ Deepak Chopra
- Dog or Cat? Definitely dog
- If you could witness any historical event, what would you want to see? Probably witnessing the life of Jesus, I have so many questions about the events of this timeframe.
Our recent quarterly meeting made for a fun afternoon and evening for everyone. We had a lively staff meeting with presentations, service awards and team building activities, followed by a festive gathering at Dave & Busters.
At CC Pace, we’re lucky to have so many tenured employees. As our team members celebrate their CC Pace anniversaries, they are recognized by their colleagues and leadership team for their contributions throughout the years. We kicked off our service awards recognizing Chris Soule, Technical Consultant, for his 5 year anniversary with CC Pace. Chris was hired for an opening we had on our development team for MSRB. His success with this client continues today, where he has become a key leader on the EMMA project working not only on the data base side, but also helping to revamp the user interface. Per our client, Chris is the epitome of a team player! Chris, may you continue to inspire us for many years to come!
George Perkins, Practice Manager, was recognized for celebrating his 25th anniversary with us! George was hired as our first full-time recruiter. Over the years, as the staffing area of the business has evolved, he moved into the role of an Account Manager for some of our major clients. George’s philosophy has always been work hard towards success and have fun while you’re doing so – and he does just that! George, we thank you for your energy, enthusiasm and corporate commitment!
To take advantage of the rare moments our people are actually all together, we used this time to engage in some team building activities that were facilitated by Debbie Shatz, Sudhindra Shetty and the “always up for a good time”, George Perkins. Divided into 5 teams with red Solo cups in hand, our staff took aim at various building and stacking tasks (and, did we mention there were prizes)! Lots of cheering and yelling lead to some pretty hilarious bragging rights by the winners!
EAT. DRINK. PLAY. We kept the party going and had everyone move over to the new Dave & Buster’s in Fair Oaks Mall for an entertaining evening! There was food, drinks, billiards and of course lots more games and plenty of, should we say friendly competition. Together everyone enjoyed some good old fashioned laugh-out-loud fun!
The new URLA is coming. But the status report, for July 2019, is decidedly Red.
Warning signs regarding the immensity of the forthcoming changes have been out for well over a year, yet it seems some lenders are just starting to realize the size and implications of the coming changes related to the new loan application – the Uniform Residential Loan Application (URLA, aka 1003 or form 66). This is the first of a short series of blogs exploring the benefits and challenges that lie ahead.
The URLA is undergoing a total redesign for the first time in 30 years and that is driving major changes in four areas:
- The application itself – its form, data elements, organization and fundamental operation
- Its corresponding data file, the Uniform Loan Application Dataset (ULAD)
- The agencies’ automated underwriting systems (DU, Fannie Mae’s Desktop Underwriter and LP, Freddie Mac’s Loan Prospector) submission, interfaces and files
- The retirement (at least not keeping current) of the Fannie Mae DU3.2 file, which has long been the industry de facto standard for transferring data.
The optional date is coming soon – July 1, 2019 – and the required date is February 1, 2020 – not very far away for a truly major change.
When the subject of the new ULRA came up at the recent National Advocacy Conference, a gentleman sitting at my table said, “My vendor is taking care of it.” When he didn’t smile and the rest of us figured out that he was serious, the branch manager and the lawyer at my table both asked him “You mean your vendor sets your policy for how to fill out the language preference and whether you let the MLO do that instead of the borrower?”
I saw two other issues myself, including “Which vendor?” and “Are all your counterparties ready? Does your entire process work end-to-end?”
On the issue of leaving things to your vendor, even small lenders are likely to be dealing with two or more vendors who not only have to be ready, their systems have to be tested together to make sure that your process works.
Below is a simplified snippet taken from CC Pace’s Reference Architecture, showing internal interfaces that are affected by the new URLA:
That’s a lot of moving parts undergoing substantial change that need to continue to work together. Let’s look at things from the perspective of relatively common test cases. It seems reasonable to expect that a POS submission to DU and an LOS submission to DU will both work. But in an equally common, but decidedly more complex scenario, when you take the application on the POS, transfer the loan to the LOS, where you rerun DU and then request a set of documents from your doc vendor, it’s not hard to imagine that initially something will break down, simply based off of different assumptions that were made.
On the issue of counterparty readiness, the reference architecture reveals even more counterparties and vendors that have to be ready and that you will have to test your process with:
But wait, there’s more! As far as the industry is concerned, not only do you and your counterparties have to be ready, but the entire ecosystem has to be ready, end-to-end. And the status for that is decidedly red.
Take the previous difficult test case and now extend it to a common industry chain. A broker starts the application, it closes with a mortgage banker who then sells it to a correspondent investor, who now runs Early Check or LQA on it, purchases it from the mortgage bank and then delivers it to Fannie or Freddie. It is known that this will not all work in July 2019.
Here is what I gleaned from the MBA ResTech call from May 16th, 2019:
- Many individual vendors appear to be ready – but what that means is that they are ready to be tested in conjunction with other counterparties in the ecosystem
- Not all components necessary for an agency correspondent transaction are ready
- Correspondent Purchasers are starting to issue guidance that they will not purchase loans on the new URLA until 2020
It is CC Pace’s recommendation that every organization be extremely active monitoring the status of the new URLA both within and outside of their company; it is impossible that “our vendor is taking care of it all” is the right answer. This July through February represents a significant and much needed test period, not just for the systems and your process, but also for your compliance and training.
Some Correspondent Purchasers are issuing their own guidance on the matter. Have you?