Podcasts about cisco umbrella

Play Episode Listen Later Nov 24, 2023 86:59

Hey savvy shoppers, gather 'round for a tale as vital as your grandma's pie recipe! Ever felt the sting of an online shopping scam? Fear not, I've got the lowdown on dodging those traps. Let's kick things off with a cautionary yarn and dive into the nitty-gritty. Spotting a Phony Website: Detective hat on! Check URLs for weird symbols and misspellings. A padlock symbol next to the URL is a good sign. Evaluating Sellers on eBay and Etsy: eBay and Etsy, our online treasure troves! Check seller ratings, reviews, and authentic photos. Don't fall for smoke and mirrors. Buying Big Ticket Items: Eyeing a big purchase? Do a reverse image lookup to ensure authenticity. Fish out the real deal from the online sea of possibilities. Single-Use Credit Cards Magic: Enter the game-changer – single-use credit cards. Use 'em and toss 'em. Bye-bye worries about your main card falling into the wrong hands. Keeping Your Info Under Lock and Key: Think twice about the info you share online. Use imaginative details for security questions. Be as elusive as a dragon for that added layer of protection. Why These Steps Matter: Avoid the headache of untangling from online scams. It's easier to prevent than fix. The 1Password and OpenDNS Shield: Secure your passwords with 1Password and enlist OpenDNS or Cisco Umbrella for a virtual guarddog against ransomware. Remember, online shopping can be a breeze with a dash of caution. Keep those eyes peeled, use single-use credit cards, and guard your info like the last slice of Thanksgiving pie. Questions or stories to share? I'm all ears! Ready to master the art of safe online shopping? Get All the Facts Here You can also catch Craig at the following stations and channels: With Jim Polito at 0836 on Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)

Episode 267: Fraser Hess

Mac Admins Podcast

Play Episode Listen Later May 30, 2022 80:04

One of those things we all end up managing is how our Apple fleet routes traffic into the interwebs. We often have to go through apps that load network extensions that effectively proxy traffic. Sometimes we call what they do fancy new industry buzzwords. One of the first platforms to use Apple's frameworks was Cisco Umbrella. In this episode, Fraser Hess joins us to talk about using Umbrella and some interesting things he found along the way! Hosts: Tom Bridge - @tbridge777 Charles Edge - @cedge318 Marcus Ransom - @marcusransom Guests: Fraser Hess Links: https://umbrella.cisco.com https://en.wikipedia.org/wiki/Anycast https://datatracker.ietf.org/doc/html/rfc4271 https://www.explainxkcd.com/wiki/index.php/2347:_Dependency https://nvd.nist.gov/vuln/detail/CVE-2022-20773 https://particulars.app Sponsors: Kandji Halp VMware Workspace One Watchman Monitoring If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information. Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast! The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson

apple fraser umbrella hess dependency cve william smith dan mclaughlin dan barker jon brown cisco umbrella anycast justin holt charles edge

CIS Control 9 - Email & Web Browser Protections - sponsored by Cisco Secure MSP

The CyberCast

Play Episode Listen Later Mar 17, 2022 56:13

Abstract: Web browsers and email clients are very common points of entry for attackers because of their direct interaction with users inside an organization. Content can be crafted to entice or spoof users into disclosing credentials, providing sensitive data, or providing an open channel to allow attackers to gain access, thus increasing risk to your MSP or client's business. Since email and web are the main means that users interact with external and untrusted users and environments, these are prime targets for both malicious code and social engineering.

secure cisco browsers protections msp sales engineers webbrowser cisco umbrella phyllis lee steve steinberg

How Criminals Use Cloud Apps to Inject Chaos Into Work Environments - Doni Brass - ESW #232

Enterprise Security Weekly (Audio)

Play Episode Listen Later Jun 24, 2021 34:13

In 2020, cyber criminals used cloud apps, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. In this interview featuring Cisco's Doni Brass, we lay out how companies and their IT teams can stave off threats in the cloud app discovery process, stop data from landing in the wrong hands, and identify and block cloud malware that can cost both time and treasure! Segment Resources: What attacks aren't you seeing? - https://learn-umbrella.cisco.com/ebook-library/what-attacks-arent-you-seeing?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy20-q3-content-ebook-what-cyber-attacks-arent-you-seeing The modern cybersecurity landscape: Scaling for threats in motion - https://learn-umbrella.cisco.com/technical-paper-library/the-modern-cybersecurity-landscape-scaling-for-threats-in-motion?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-technical-papers-the-modern-cybersecurity-landscape Cloud Security Buyers Guide - https://learn-umbrella.cisco.com/ebook-library/cloud-security-buyers-guide?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-ebook-cloud-security-buyers-guide This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw232

chaos software threats cloud criminals scaling cisco aws environments brass devops azure vulnerabilities exploits inject cloud security devsecops siem gcp doni network security threat intelligence cloud apps paul asadoorian cisco umbrella

Figure It Out - ESW #232

Play Episode Listen Later Jun 24, 2021 96:52

This week, in our first segment, we welcome Doni Brass, Product Management Lead at Cisco Umbrella, to discuss How Criminals Use Cloud Apps to Inject Chaos into Work Environments! In the second segment, Brendon Macaraeg, Senior Director of Product Marketing at Fastly, joins to talk tell us How Teams Can Reduce the Visibility Gap! In the Enterprise News, Smoothwall Acquires eSafe Global, LookingGlass Cyber Announces Acquisition of AlphaWave, Vectra Launches Detect for AWS, SentinelOne announces IPO, & Building a Better Internet with Code BGP! Show Notes: https://securityweekly.com/esw232 Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://securityweekly.com/fastly to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

building software figure senior director ipo aws devops product marketing docker vulnerabilities sca devsecops fastly mobile applications waf dast xss openshift sentinelone apisecurity rasp sast microsegmentation cisco umbrella enterprise news swcompositionanalysis

Figure It Out - ESW #232

Enterprise Security Weekly (Video)

Play Episode Listen Later Jun 24, 2021 96:52

How Criminals Use Cloud Apps to Inject Chaos Into Work Environments - Doni Brass - ESW #232

Play Episode Listen Later Jun 23, 2021 34:13

Frustratingly Effective - BSW #220

Business Security Weekly (Audio)

Play Episode Listen Later Jun 16, 2021 71:31

This week, we welcome Jonny Noble, Technical Marketing Team Lead at Cisco Umbrella, to discuss Securing User Connections to Applications! In the Leadership & Communications articles: Attracting Talent During a Worker Shortage, CISOs Say Application Security is Broken, Three Steps to Harden Your Active Directory in Light of Recent Attacks, Demystifying RockYou2021, & more! Show Notes: https://securityweekly.com/bsw220 Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Frustratingly Effective - BSW #220

Play Episode Listen Later Jun 16, 2021 71:31

Securing User Connections to Applications - Jonny Noble - BSW #220

Business Security Weekly (Video)

Play Episode Listen Later Jun 15, 2021 37:09

Are Secure Web Gateways doing their job to keep businesses safe in 2021? Recent survey results from ESG reveal 1 in 10 are not happy with their secure web gateway (SWG) and/or web security. Yet by 2024, the SWG market is projected to grow to 10.9 billion. As this year continues to twist and turn, complexity for an IT security professional continues to rise. Security professionals need to expect more from their security tools so they can stop running from one fire to another, and can simplify daily management. Join us to learn what you can do to get more effective threat detection and reliable, fast secure access. We'll look at ways you can cut complexity, reduce risk exposure, and improve performance with a cloud-delivered, secure internet gateway. This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw220

security software connections noble applications esg user securing aws devops docker vulnerabilities sca devsecops mobile applications waf dast xss openshift apisecurity rasp sast swg microsegmentation cisco umbrella swcompositionanalysis

Securing User Connections to Applications - Jonny Noble - BSW #220

Play Episode Listen Later Jun 14, 2021 37:09

36. A TikTok Influencer on Trolls, Passwords and Why Cyber Security Matters

Cyber Security Inside

Play Episode Listen Later May 19, 2021 26:26

In this episode of Cyber Security Inside, we’re taking a look at cyber security through the eyes of TikTok influencer, Kevin “Keats” Jackman. Keats is a writer and actor with 1.4 million followers on TikTok. And with his background in tech/IT, we wondered: How does he view cyber security differently and what can he teach other influencers about its importance? We talk: • What influencers should be on the lookout for • What can happen when cyber security best practices aren’t followed • How to protect yourself against threats before they’re real • How cyber security can translate into real life security for influencers • How IT can help CIOs improve cyber security ...and more. Tune in – or check out the video – for a very engaging and important conversation. Here are some key take-aways: • The world of the influencer is still relatively new, but when you reach a certain level of notoriety, you have to think differently about cyber security. You have to consider what you’re putting out there for your personal safety and well-being. • Another thing influencers must consider is password security. If anyone hacks one of your accounts, they can delete your content and even ruin your image. • For password protection, a good rule of thumb is to use complex passwords/phrases and to change your password every 60 or 90 days. • LastPass is a great tool for managing and remembering your passwords when you change them often. • Younger generations that have grown up with technology and seen some of the things that can happen when good cyber security practices aren’t followed seem to have a better understanding of its importance. But an understanding doesn’t mean adoption. It typically takes a personal experience or a high-profile cyber security issue for it to become a real priority for individuals. • You have to train your team and make cyber security real to them. One way to get people within your organization to care about cyber security before there’s a real threat is to show them how easy it is to fall for malicious emails. KnowBe4 is a program that will send out fake malicious emails to your team, and when someone clicks on a link, they’ll receive a report and training that explains what they missed. That way, they’ll realize how easy it is to fall prey to an attack and they’ll know what to look for, so they don’t fall for the real thing. • The key to cyber security is to put multiple layers of protection in place, like two-factor authentication, Cisco Umbrella, and other tools and systems. • If CIOs don’t know about new tools and systems, they can’t purchase and implement them. IT needs to keep CIOs in the loop. • For more from Keats, visit his website keatsdidit.com or follow him on TikTok or Twitter @keatsdidit. Some interesting quotes from today’s episode: “You know, when you tell people you're going to school to be a rocket scientist, you get a lot of love. So, I had to really be confident enough in myself to step away from that and say, ‘Hey, this isn't me. I know it sounds great on paper, but I'm still going to be great. It'll take me a little while to get there and may be a little unorthodox, but hey, I'm an entertainer, they're going to see me.’ So, it's really nice to be able to still get that recognition from NASA, even though I'm not at the desk making the rocket.” “Especially with COVID and everything, cyber security is more important than ever, because everything has gone virtual.” “When you get a million views overnight, you have to change the way you move. You can't just post everything on your story and go out and just be there, because people, they can roll up on you. People can say, ‘Oh, I need to go there and see him,’ and people, they get crazy. We're at a time where cyber security can translate into real life security.” “Coming from an IT background where security is the main focus, for law firms especially, I kind of had a leg up with understanding how important it was. But someone who's not from that background or doesn't expect it, you blow up on social media, you could be ruined real quick from lack of cyber security.” “I think it becomes real when it happens to you, when something happens. Just like backing up your data, things like that. When you lose something, when that external hard drive goes, it's like, I need to back it up because I don't want this to happen again.” “A lot of it is layering, because with cyber security, you can have all these things in place, but it really comes down to the people and your staff that have the ability to identify something and choose to act or choose not to act. So really training the people is the biggest thing.” “It's always a cat and mouse thing, but the bad guys are always getting better. So, you have to always be refreshing.” “I think the younger generation does have a better eye for spotting that stuff because you know, they see it all the time. They know what looks legit. They can tell that the logo got pasted from another source and that it’s not legitimate.”

covid-19 tiktok influencers nasa cybersecurity younger trolls passwords cios keats tiktok influencer knowbe4 cisco umbrella cyber security matters

Chart Topping Threats – How Attacks will Rage in 2021 - Artsiom Holub, Austin McBride - ESW #227

Enterprise Security Weekly (Audio)

Play Episode Listen Later May 14, 2021 36:50

Cyberattackers have not been slowed down by the worldwide pandemic. Phishing, cryptojacking, and trojans all continue to dominate the cybersecurity threat charts. It’s critical to know what security issues are most likely to crop up within your organization and their potential impacts. The challenge is that the most active threats change over time as the prevalence of different attacks ebb and flows. Register to learn about key threat trends facing businesses like yours in 2021. We’ll be joined by Data Scientist, Austin McBride, and Security Researcher, Artsiom Holub. We’ll tackle tough questions and take a deeper dive into recent threats to help you craft a strategy that helps you investigate threats, simplify operations, and scale security. This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw227

Negative Reinforcement - ESW #227

Play Episode Listen Later May 14, 2021 104:02

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more! Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to learn more about them! Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

threats cloud hackers hacking surveillance aws risk management convergence cyberattacks azure cybercrime data scientists technical director scanning vulnerabilities breaches cloud security devsecops gcp sophos really behind xdr forcepoint negative reinforcement ncc group security consulting cisco umbrella senior security analyst ot it segment resources assetinventory assetdiscovery

Negative Reinforcement - ESW #227

Enterprise Security Weekly (Video)

Play Episode Listen Later May 14, 2021 104:02

Chart Topping Threats – How Attacks will Rage in 2021 - Artsiom Holub, Austin McBride - ESW #227

Play Episode Listen Later May 13, 2021 36:50

Love Your Energy - ESW #223

Enterprise Security Weekly (Audio)

Play Episode Listen Later Apr 9, 2021 96:31

This week, In the first segment, Ryan Noon from Material Security join us for a discussion on Zero Trust! Next up, John Loucaides joins for an interview on firmware attacks, and what enterprises need to do! In the Enterprise Security News:Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, What's Behind the Surge in Cybersecurity Unicorns? Cisco Umbrella unlocks the power of SASE and more! Show Notes: https://securityweekly.com/esw223 Segment Resources: Assessing Enterprise Firmware Security Risk in 2021 - https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/ https://github.com/chipsec/chipsec The Top 5 Firmware Attack Vectors - https://eclypsium.com/2018/12/28/the-top-5-firmware-and-hardware-attack-vectors/ https://material.security/blog/email-is-too-important-to-protect-like-a-tsa-checkpoint https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html Visit https://securityweekly.com/eclypsium to learn more about them! Visit https://securityweekly.com/materialsecurity to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

energy software threats cloud surge aws 5m ransomware devops azure cybercrime cso 4m vulnerabilities ciso data protection data security zero trust cloud security devsecops gcp dlp sase acronis imperva onetrust digital shadows cisco umbrella convercent threatquotient securitydegree securitycareers

Cybersecurity Unicorns, LogRhythm Version 7.7, Rapid7 Kubernetes Beta, & Cisco SASE - ESW #223

Play Episode Listen Later Apr 9, 2021 25:30

This week in the Enterprise News, Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, What's Behind the Surge in Cybersecurity Unicorns? Cisco Umbrella unlocks the power of SASE and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw223

software threats cloud cybersecurity unicorns beta surge cisco aws 5m ransomware devops azure cybercrime cso 4m kubernetes vulnerabilities ciso data protection data security cloud security devsecops gcp dlp sase rapid7 acronis imperva onetrust logrhythm digital shadows cisco umbrella convercent threatquotient securitydegree securitycareers enterprise news

Love Your Energy - ESW #223

Enterprise Security Weekly (Video)

Play Episode Listen Later Apr 9, 2021 96:31

Cybersecurity Unicorns, LogRhythm Version 7.7, Rapid7 Kubernetes Beta, & Cisco SASE - ESW #223

Play Episode Listen Later Apr 8, 2021 25:30

Episode 188: Episode 188 - Safe Search

IT Babble's Podcast

Play Episode Listen Later Mar 18, 2021 55:44

We’re back! 1) Tony has it been a month!!!??? 2) Amplified IT purchased by CDW 3) Streamlined Classroom AV 4) Tony - No more SAT/ACT - GPAs- No Grades - and What you need to do if you want to do this… 5) Amazon QuickSight - https://aws.amazon.com/quicksight/ 6) Safe search, firewall, etc. a) OnCampus b) Cisco Umbrella c) DNS Restrictions d) GoGuardian e) Websense f) 6th Gen Firewall g) Google Admin Reports h) Cisco Meraki Reports i) OffCampus j) GoGuardian k) Google Admin Reports l) Umbrella m) New training videos for parents, but they won’t watch them (we had a parent engagement webinar) m) COPPA - Children’s Online Privacy n) Protection Rule o) Must adhere to qualify for eRate https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule 7) Podcasting news! New Zoom products - Tony bought it! a) Zoom PodTrak P8/P4 Portable Multitrack b) Podcast Recorder H8 c) Anchor.fm + Wordpress = Podcast

safe podcasting anchor umbrella online privacy goguardian cisco umbrella websense safe search amazon quicksight

Tech Talk with Craig Peterson Podcast: SolarWinds Hack, Nation-State Ransomware, Fire-Eye RedTeam Tools and More

Play Episode Listen Later Dec 19, 2020 80:14

Welcome! This week I am spending a bit of time discussing The huge hack on SolarWinds Orion Software and why we will be feeling the repercussions for years -- and yes it could have been prevented. Then we will talk a little bit more about Election fallout and how this hack might have something to do with it. Then Fire-Eye hack and New and Improved (well -- another variation) of Ransomware and More so be sure to Listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: Gaming Over the Holidays? 7 Important Security Tips Looking at Using a Contact-Tracing App? Contact-Tracing Apps Still Expose Users to Security, Privacy Issues Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data Knowing What the Enemy Knows Is Key to Proper Defense Major Cybersecurity Vendor FireEye Breach -- Fallout Yet to Be Felt New AdWare Silently Modifies Search Results Ransomware gangs are getting faster at encrypting networks. That will make it harder to stop --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] In case you didn't hear, we have had a massive hack. We're going to be talking about that and what it means to you. What it means to the federal government. What it means to organizations that are using SolarWinds. Oh my Hi everybody. Craig Peterson here. Had a great discussion this week with Mr. Matt Gagnon Wednesday morning, as we usually do, and we're going to continue that now. Let's get into it in a little bit more depth. You probably heard me pounding on that table and it was just unbelievable because the bottom line here is these particular hacks were effective because these supposedly "Professional Security People" did not follow the basics. They didn't have the software configured according to the manufacturer of the software's specifications. So number one, read the directions. Number two, they didn't use the most basic of security controls that are out there. You've got to watch these domains, capabilities, practices, processes. That's what we are always talking about in the cybersecurity business. They were not monitoring outbound connections. They didn't stop the call home stuff. What I keep telling you guys, the easiest way to stop the spread of some of this nasty software is to use Cisco Umbrella. It's just that simple. Cisco Umbrella for just regular people is free. How could you get better than that? When you get into the business level, which you cannot buy on their website. You can buy some very good stuff from the Umbrella website, from Cisco then you get a lot more features and fine-tuning and granularity and stuff. If they had just been using Cisco Umbrella, that probably would have stopped the call home. That's what it does. Okay. These are professional organizations that got hit here. Professional organizations. We do not allow Willy nilly, outbound connections. Some of these pieces of software pretend that they are a web browser and they just want to go to this website. If you're allowing your employees on your network to go Willy nilly, wherever they want online, you got some problems. If you're just filtering for instance, Oh I'm not going to let them go to porn sites or something. Violence sites or Netflix to watch TV movies all day long. Instead of working, that's not good enough. That might help to keep them paying attention a little bit more to their work. I've found frankly, much of the time, they spend trying to figure out how to get around those filters. We catch people doing that all of the time. You have to talk to them and explain why the most dangerous parts of the internet, from a security standpoint, are the parts of the internet where you are going to have some of that nasty content that they might be looking at for. Once they understand that, usually they wake up and smarten up, et cetera, et cetera. But if that's all you're filtering for. How are you going to know that there is a piece of Chinese back door software on your network, that's trying to get out? How are you going to know that there's a Russian back door trying to get out? Or there is a hacker that's in your network who is exfiltrating all of your data and then they're going to hold your data. Not quite hostage to where it used to be, but they're going to extort you and say, Hey, if you don't pay up, we're going to release all of this intellectual property to the internet. The right way to do it is you only allow outbound connections to places they have to go for work. We have a company, our client, just as an example, who is in the Department of Defense space. They are a subcontractor and they deal with parts for airplane engines, certain parts. As such, they have all kinds of federal regulations and those regulations mean that they can't have data that gets stolen, that gets exfiltrated, right? That's the whole idea. They're supposed to be secure. So what do we do in a case like that? The people that work there can only get two websites that are approved. There websites of their suppliers. Their websites of their clients and that is all. They cannot go anywhere else. Why? Because part of the problem here is what just happened this week. What happened this week with this massive order? This has only happened five times before in all of history. We'll talk about that, as well. What is this order? What happened is they tried to go out to some other websites. Let's say they got infected, and their computer had some nasty-ware on there that was trying to call home. Just do its ET thing, call home. It tries to get out of the network using what looks to be an innocent little web connection. It gets there normally. But if we block everything except the website that they absolutely have to go to, that software is not gonna be able to get out of their network, is it? This is not rocket science. Yet we've got 18,000 organizations that look like they got hit in this massive cyber attack. Massive. There's a company out there called SolarWinds. Now, SolarWinds we have used in the past. We stopped using them because of some of their practices. We just couldn't, in good conscience use them. Knowing what they were doing and how they were doing it. But SolarWinds has this network management software. They have sold it to government agencies, massive companies, 499 of the Fortune 500 companies use SolarWinds. They have this network management product called Orion. Apparently, they like any other good little software vendor-provided updates. The updates between March and June 2020 apparently had a little extra payload. Now, the way these actors, the bad guys got this payload into SolarWinds software really shows that it was a Nation-State. Now of course the media is out there saying Russia, which is what they usually do. You'd think it was probably more likely to be China. But you know what we'll probably never know because these people were very sophisticated. They basically reversed engineered a one-way hash function called SHA-1 which you should not be using anymore. It was thought to be relatively safe. They combined that with another vulnerability in a web server and in some software that supports the web server and is supported by the web server and bam they're in. SolarWinds sent out updates to their clients. Those updates included updates and went to government agencies, all, but one Fortune 500 company, and over 22,000 managed services providers. Now, we're going to talk about MSPs some more, and we've talked about them in the past. This is a big deal. Most businesses don't do the information technology function themselves. They might have somebody that's in charge of it, but that person is the person who goes out and tries to find somebody to take care of the systems or do an audit or whatever it might be that they're trying to do. That makes sense, I think. So that's what they're trying to do. But do they really know what they should do? What they shouldn't do? What should be done? What shouldn't be done? That's a subject that we'll take up a little bit later. This compromised software was distributed as a software update to SolarWinds customers by SolarWinds. It turned out that their software had this payload in it that now allowed an as yet unknown bad guy to get into the networks. Now there's a statement that was filed with the securities and exchange commission. I'm looking at it right now by SolarWinds corporation and talking about the Orion products. They say that SolarWinds believes that the Orion products downloaded, implemented, or updated during the relevant period, starting in March this year, contained the vulnerability. Orion products download implemented before the relevant period and not updated, did not contain the vulnerability. It goes on and on. It says SolarWinds values of privacy and security of its over 300,000 customers. I can't believe that this would happen. So not only was SolarWinds caught up in this but so were many of their customers and you will find it interesting to know who some of their customers are because they have also been in the news lately for different reasons. This is just fascinating. The biggest hack in recent history, and one, that's going to have consequences for years, literally years. Make sure you visit me online. Craig peterson.com. We've established that there was a hack. We've established that the media thinks Russia did it and so do many security consultants. We're not absolutely sure. We probably never will be. What is this hack doing? How is SolarWinds tied into Dominion? This hack has been absolutely scary as heck. One of the congressmen who got a briefing on Tuesday about what had been going on. Called this absolutely terrifying. Now that is a terrifying statement to make and the accusations are that Russian government hackers are responsible for this. Now we've seen since March this software by SolarWinds called Orion, which was in place in 18,000 organizations, was compromised. Once it was in the network, it gave bad guys access to that network. Coming out this week on Thursday, we found that the feds have, in fact, said that yes, we were affected by this. Now affected, what does that mean? Ultimately, the pros and cons to this. The list of affected US government agencies and entities include the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the US postal service, and the National Institutes of Health. Isn't that amazing actually it is institutes, right? This is a long list of suspected Russian hacks into the US as well as many of our allies and other nations out there. This is very scary to hear that because Russia has been using hackers, they have been using bots, and they have had other means to try and influence elections in the United States and elsewhere. Before this latest election, we had the Democrats saying our election that elected President Trump there was influenced was hacked by the Russians. And of course, as you know of investigations for four years, they never really found that Trump was colluding with Russia. I think the focus was absolutely wrong in those investigations. It should have been on what happened with our elections? How safe is our election software? How about the hardware? How about the mechanisms that are in place? The federal government does have guidelines for this election vote tabulating software and hardware. They have error rates that are allowed just like they have so many mouse parts that can be in peanut butter. They have error rates that are far lower than are being reported, right now. Oh, thousands of times more ballots were rejected than were allowed by law. But nothing is happening. Nothing happened. They investigated one person, one, man, basically President Trump. A number of other people were caught up in this investigation as they laid traps for people. We did not do a major investigation into these systems. To me, that is absolutely inexcusable. Now we're seeing some other evidence that is something that I think we should be paying some attention to and that ties right into this hack of SolarWinds. As I mentioned, all but one, of the Fortune 500 companies use their software. 18,000 different organizations installed the version of SolarWinds Orion products that were in fact known to not just be vulnerable, but have built into them hacking tools, which is just astounding to me. Are we going to look into this now? Because looking right on this is from the Gateway Pundit.com. They went to dominion voting software. You can go to the homepage. They probably removed it by now, but it was there when I had a quick look on their website. This emergency directive 21 dot 01. Very rare. Only has been issued five times in the last five years is saying remove all of this. Yet Dominion Voting is apparently a customer of SolarWinds and Dominion Voting brags about how they use SolarWinds. That is scary, very scary to me. Let's talk about what it does mean. It does mean that our friends Dominion Voting, who has been accused of having terrible software, all the way through having major backdoors in their software. Our friends over Dominion Voting could well, have been completely compromised by that is SolarWinds attack. Completely compromised. We don't know if they were but we do know that they were using it and they are the ones with our voting machines. This goes back to what I talked about last week, where I think there is only one solution to being able to be confident about votes. Obviously, it's too late now to deal with all of the potential voter fraud, software errors, hardware failures that have occurred in past elections. It really is too late based on the evidence I've seen, to quote Attorney General Barr. But how about the future? How about we do an investigation into these companies that are providing us with the hardware and software. Or better yet, my solution is we have ballots printed. Those ballots have serial numbers on them with a very good check sum. All we do with those ballots is we scan them on regular commercial, industrial scanners that keep pictures of those votes. So we have a hard copy that we can go to at any time of the votes. We can analyze them. We can compare it to the vote counts, et cetera. We take those pictures now and we run them through very inexpensive software. Very inexpensive, under a thousand dollars to buy a license for some of the software. What that software does is it looks at the images that were taken by these scanners. And it goes ahead and tallies votes. If we use two or three different software packages, they should pretty much agree. Our error rate should be less than one in a hundred thousand or maybe even a million. Should be pretty darn low. Then we hand tabulate a few of these just to double-check, make sure everything is all right. We now have hard counts. People add up the counts and as always, you have election observers from the two major parties and the minor parties they're watching this whole process. I am for absolute transparency here. I think all of those images of the votes should also be made available to anyone who wants to download them. This is the age of the internet. Why are we not making the images of the votes available for anyone who wants to look at them? Private individuals can tally the votes and come up with what should have happened, what the count should be. You expect a little bit of variance, but absolute transparency. People add up those votes. It's all audited. There are cameras running, webcams 24 seven watching the voting machines. Watching the election workers. Streaming to anyone who cares to look. Now we have absolute transparency. Now we can believe the vote. That I think is the only way we can handle this. We're going to run through some checklists here about what gamers should be doing. If you're giving a video game or one of these consoles to maybe some of your kids. I don't dunno. Maybe your husband, maybe they are kids. We're all kids. What should they be looking for this year? We are talking about this massive hack we've been talking about, and we're going to get into some other stuff right now. I wanted to mention one more thing. When we were just talking about this major hack may have been Russia, maybe China. Sometimes it's really hard to tell who it is. If these are good hackers and these are by the way were very good hackers. SolarWinds I just can't hold them a hundred percent responsible for this hack because part of the problem was people not reading directions, not doing just the very basic practices that are established in the industry for trying to keep things safe. So keep that in mind as well. But it is a huge problem. It's something we all have to pay a little bit of attention to. I had a great question this week when I was on the radio, I was asked, Hey, please tell me that there are people in our government who are trying to do the same type of thing to other governments. And you might've heard about what is it? I would call a person hack, right? This is what is called in the industry a honeypot. You probably heard about US Representative Eric Swalwell. He is a California politician, which makes a lot of sense. He has been in office since 2013 and he is also on a very. Interesting committee. When we are talking about Representative Swalwell, his committee assignment includes him being on the Select Committee on Intelligence. Okay. Ranking member of its central intelligence agency subcommittee. He also retained his seat on the United States House Committee on science space and technology according to Wikipedia. This is very scary because he fell for the oldest trick in the book. It also tells us just the links China will go to in order to hack our people, our country. Don't worry, we're going to tie all of this into our hackers. Okay. He, as well as another politician from California. Yes indeed sitting us Senator she had a driver, I think it was for about 20 years who was a Chinese spy. Eric Swalwell had this girlfriend and apparently, this happened when he was just a mayor before he had moved up to the house. Then, of course, moved into the intelligence committee. A lady who became his girlfriend was doing everything you might expect of a honeypot, a Chinese lady who was trying to get information out of him. I don't know what information he got she got out of him. He had a lot of information. Now. If this were to happen to a Republican, of course, just by default, the morals of a Republican would be well. I really messed up. I'm sorry. I resign. At least resign from the intelligence committee, but I resign from Congress. That has happened before. Much different response. It's just amazing to watch from a Democrat and Republican. Nancy Pelosi should have removed him from his very sensitive government positions. This guy has demonstrated that he can't keep his well, you know what I mean, and not reliable when it comes to secrets. Why hasn't the FBI said, I don't care what you say, Ms. Pelosi, we want this Congressman removed? The big question is how did we find out about this? What ended up happening that brought us to the point where we realized that Eric Swalwell was a major security risk and was on the select intelligence committee? On oversight committees. Okay. It's scary, isn't it? This ties into this whole hacking agenda. It looks like we might have been hacking, as well. I'd be shocked if we weren't. We have teams, red teams, in every branch of government, basically, that hack. That's what they do. They're hacking in order to see what weaknesses we have. But this has been barely reported at all. This also happened last week. A major leak of official records from the Chinese communist party. Many of these Chinese communist party higher-ups are living and working in other countries, including the United States, Australia, United Kingdom of course, and this list that's been uncovered has about 2 million members of the Chinese communist party. Now, remember these people have sworn an oath to do everything they can to protect and build up the communist party. Okay. This database lists names, party positions, dates of birth, national identification numbers, ethnicity, telephone numbers of these members. Now. Australia Sky News on Sunday reported that the database quote "lifts the lid" on how the party operates under president and chairman Xi Jinping. The leak shows that the party branches are embedded in some of the world's biggest companies and even inside government agencies. Communist party branches have been set up inside Western companies, allowing the infiltration of those companies by CCP members who if called on are answerable directly to the communist party. To the chairman, the president himself. So apparently along with the personal identifying details of almost 2 million communist party members, there are also details of 79,000 communist party branches. Many of them inside companies. Now there was some analysis done of this member, we've only had it for what about a week now, but the analysis has been done so far has been interesting, cause that's revealed that both Pfizer and AstraZeneca, both companies who have vaccines for this COVID virus both of these companies together employed 123 party loyalists. There were more than 600 party members across 19 branches working at British banks, HSBC and standard chartered. In 2016, in addition, the Daily Mail's reporting that firms with the defense industry interests, like Airbus, Boeing, and Rolls Royce employed hundreds of party members. Now, when I found interesting is the response by the US media and the response by some of these companies. It's been reported that some of these companies, when they were alerted to the Chinese party membership of some of their people said "we're not interested in the political parties that our employees belong to." Which is just shocking. We're not talking about basic parties here. We're talking about what effectively is an enemy of the United States and frankly, we're also looking at this hack as a declaration of war by Russia, by China. China's done this before, too. In fact, we think they were behind another major hack you've heard of just a few years ago. The PS five and Xbox series X apparently are almost impossible to get. Best Buy just can't get restock. But assuming you got one, what are some of the tips that you need to know? If you are playing games or your kids or grandkids are. Video games, I've never gotten into them, but it's probably my generation. Back when I was a teenager, we had these text-based games that we would play sometimes. You're sitting in there on a teletype and you're typing into this computer over 110 bod modem. Oh, my gosh. It was fun, so you were in a twisty maze of tunnels? I can't remember the exact wording and then you'd go left or right. And I never spent a whole lot of time on those things. Because I basically considered it a waste of time. I've played like Mario cart a couple of times when we got it for the kids and that's probably the extent of it. I've played with some of these video games that Apple has released now as part of their arcade product. I am shocked at how good they are. How good the. Resolution is. And the movement of the phone itself can be read by the game. Your phone is your controller. So if you play games on these video devices or on a PC of some sort or even a Mac. You're not too worried about availability because the software is easy, right? It doesn't cost much to duplicate that software. Probably doesn't even cost a penny, nowadays for the guys to download the game to someone. Of course, there are other charges and stuff involved, but it's just so easy to do. So we're going to have a lot of them this year. Many of the people who are playing these games are the younger millennial generation, the Z generation, and both of them really have issues when it comes to security. I mentioned this before in talking with my youngest son, about two weeks ago, about security. He just didn't seem to care. Now, we had given him a really good firewall router and a wifi system built into it. All kinds of processing that was going on. It was a Cisco device. Cisco firewall. It was analyzing everything coming into his network, everything going out from his network. It does a very good job of it. It had a limit of, I think, it was 250 megabits worth of data flowing through it. He said megabytes, and I'd have to look at the specs on it. Actually, I do think it's two hundred and 50 megabits and that particular device was great. You're cruising the web. You have software of a machine gets infected, trying to get out. It'll shut it down just as all of this. His roommate, who calls himself a gamer, didn't like that at all. So he ordered a gigabit network coming in. It's a gigabit over RF cable modem, which is crazy. Cause you're not going to get it and we had previously explained, Hey, listen. Your biggest problem is going to be latency turnaround. It's not going to be the bandwidth. We showed him these statistics that our router had gathered that he never used more than 10 megabits of the worth of bandwidth, which is, pretty normal. I've read some studies on it and 10 megabits, 20 megabits. That's the max that is used by these video games. He knew better, cause he's in his twenties, and he's a professional gamer, almost. Not that he makes money from it, but he's a professional gamer and he has been talking in the gaming community. So rule number one is they don't need as much bandwidth as they think they need. What they need is a, basically a jitter-free line so that they can talk to their friends without any problems while they're playing the games. They need a very quick turnaround, so the round trip time needs to be fast. I brought up with my son, Hey, listen. You realize that he went out and upgraded the line and then ripped out, while you were gone, the firewall. He put in a better one than handles a gigabit and of course, yeah, no better. The wifi that he has in the house that his friend purchased as his roommate, does not provide gigabit over the Wi-FI. It just doesn't happen. It can't happen on any of this consumer stuff when you get right down to it and you look at it hard, right? Many companies are lying to us. They publish these specs. They give all of this data and it is so misleading. I said, this is a problem now because you have security at the bottom of the pile, when it comes to your network now. Anything that gets onto his machine is going to get onto yours. The firewall was actually a zero-trust basis and would not allow his friend's gaming computer to access his computer or anything else on the network that it wasn't explicitly allowed to access. And you do you know what he told me? He said he doesn't care. Now. I don't know. So if this is your dad and you've been doing internet cybersecurity for 30 years, and you're just getting carried away type thing that you get from an under 30 five-year-old son. I've got kids that are actually that age too. There certainly is a difference, a major difference. I don't know what it is, but the stats that I've seen in the studies I've read are showing that these younger millennials and generation Z, which this of our kids is right on that cusp, don't care about cybersecurity. Part of the reason is that they just have given up. Now, I've been fighting it for over 30 years. I haven't given up yet, but they have, it's just a fact of life. Just like you have to be on social media and you have to post these pictures of your wonderful life. It's just crazy. Here are seven tips and I got these from dark reading, a great website, but obviously, I'm going to comment on them a much different way than Dark Reading's approach to it. But I really liked these points. Number one, we've got to make sure our kids and ourselves understand that personal information needs to be kept personal. Now, I know every one of us in this country has had our data stolen. It's guaranteed. It hasn't all been stolen and it's from a snapshot in time. For instance, the Equifax hack. Yes, indeed. That's pretty much everybody in this country, Canada, much of Europe's personal information. Our salaries, our home addresses, our social security numbers. Everything was stolen, but that's years ago. By the way, that was probably done by the Chinese communist party. Remember that they're socialists. We talked about this last week. They steal stuff. That's what they do because they just can't compete. They don't like competition. They want to sit on their hands for the most part. Now, China's done some interesting things. With trying to combine the ability to have some free trade with the government-controlled economy, right? They're not just like we are. Not capitalists, they are not communist there. There's never, ever even with the Soviet Union and what happened in Venezuela and Cuba, they have never actually achieved pure communism. We don't have pure capitalism here either. Don't let them share personal information, make sure they realize that every little bit of information they share, they may be sharing with a hacker. Someone that's going to break in. We had break-ins in our neighborhood. This was probably about five years ago. A bunch of break-ins bunch of stuff stolen. Our house at that time was never broken into. It turned out that it was a kid from the neighborhood whose family had moved out and he knew things about people in the neighborhood and when they worked and when they were taking vacations. So he came back in and he started stealing from the houses, he'd break into them and steal stuff. In some cases, apparently, kids had given him codes to be able to enter houses. It's amazing. It reminds us again of another, a best practice. That we should be exercised in business and you need to exercise in your home as well. That is when someone leaves a job. What do you do? You shut down their accounts, do it all automatically. That's the way it should work. You archived their data so they can't get back in. Now we've seen instances where network people who had been doing network work at a business left and stole just tons of things, shut down networks, change passwords because that hadn't happened. And in this case, It's a good idea to change the code on your door lock pretty frequently. Keep track of who has what code, right? Doesn't that make sense to you? Then on top of that, with these fancier new ones where you can use the Bluetooth, the cell phone To program it. So you just bring the phone close to the door and it automatically unlocks, it gets more complicated. It's easy to set up, but we've got to make sure we erase them. So number one, don't share personal information. The next one, obvious as heck. We talk about it all the time but take care of your home network. Don't do what my son did and put in a cheap router. My son's roommate did make sure it's secured using multi-factor authentication. Now there are some ways around some of this, so that's why I recommend you do not use texting for multi-factor authentication. Use something like DUO or 1password or Last Pass or Google Authenticator. It's really going to help. Stay away from chats. Now, this is difficult because much of the social stuff that goes on with gaming is over chats that are built into these games. So just be careful when they're in chats because it is used by these honeypots and others to get personal information. Kids don't realize, Hey, listen, dad is a high up in this company and I probably shouldn't be talking about that because honeypot to go after our kids, to get at us. Avoid third party stores, apps, turn off Universal Plug And Play. (UPNP) If you still have it on your network and beware of scams when playing online. So some good tips for the kids. This latest declaration of war as it's been called may be bad enough for government agencies and bigger companies, and 22,000 managed services providers. But man ransomware. Then follow up to our last hour, DNI, the Director of National Intelligence Ratcliffe was supposed to have come out with a report as of yesterday about the elections and about foreign interference. Because of disagreement within the National Intelligence Community, it did not get released, at least not yet. It should be out fairly soon. The big talk and the disagreement between various people who are in the organization, one of those jobs for life things, right? The deep state as President Trump has called it. Is that how much involvement did China really have? How much involvement did Russia have? I strongly suspect. Russia had a lot of involvement here in hacking. In fact, even our voting machines, as we talked about in the last hour because of the SolarWinds hack. How about China? They're saying it looks like it could be a major influence and have had a big impact on the election, in a number of ways, but we're not going to get into that right now. Those big hacks have been very successful against larger companies all, but one, of the Fortune 500 apparently was affected and some 22,000 managed services providers countrywide use it according to SolarWinds, about 18,000 businesses. Were using the affected or infected, depending on how you want to look at this, but using the affected software. That's a real big deal, frankly. How about you and me? What does it mean to us as business people, as home users, et cetera? I want you guys to understand this a little better, so I'm going to explain it and I appreciate all the comments I've had about how much you guys appreciate me doing a little deeper dive into this far deeper than most anyone else can. You get these guys on the radio that just talk about absolute fluff in technology. Mainly because they don't know any better. I've just been doing this for too long. One of these commentators, a lady who's had her own radio show for years. Just amuses me to know she was a marketer for years before she got on the radio. Maybe that's why she's a lot more successful on the radio than I am, but I'm much more successful in tech than she is. You as a regular end-user, you're probably not badly affected by this hack, this SolarWinds hack, and all of the subsequent hacks that happened. It's probably not a huge deal for you because your home computers were not running this Orion software from SolarWinds, and you're probably not using any of the other software that's out there. I'm continually reminding everybody and I'm covering this as well in my Windows Hardening Course, which's coming up soon. When I was recording this week, it made me think about this a little bit, that you and I, as home users know better than to buy things like Norton and try and use them or some of these other antivirus products, because in this day and age with Windows 10, just not considering anything else in the network, but just the computer itself, you are probably best off using Windows Defender and making sure your computer stays up to date. You also know if you want to spend a couple of bucks. There is some other good stuff out there that's going to help and one of those is Malwarebytes. In fact, I'm going to try and include a link to some of them Malwarebytes stuff this week. Malwarebytes is another good little piece of software to have, and how much I like Umbrella. You'll find that online, of course, umbrella.com and you can get the free version. You can get the paid version. If you are a business, you need to talk to a reseller, like me, and have them set you up with the business version. Those three things are going to go a very long way. Obviously, you need to lock down Windows and harden it. That's why we're doing this whole little course coming up here soon. If you are a business now you might be in some trouble. I have been saying now for three, four years, as well as the FBI has been saying this and I covered it in some of the FBI InfraGard webinars that I hosted. If you're an MSP, if you're a managed services provider or break-fix shop, in other words, if you take care of other peoples and more particularly businesses computers, you are a major target. You have to pull up your socks. Now, the Department of Defense with this cybersecurity maturity thing that they've come out with CMMC. They have made it very obvious because he specifically says it that if you are a managed services provider, you have to meet the requirements that the Department of Defense is putting on to their customers or their suppliers. I think that makes a lot of sense. If you are a managed services provider, you probably have pretty much, if not completely full access to your customer's computers and networks. So if you have a customer, that deals with the Portsmouth Naval shipyard, for instance, that is a Federal Government DOD facility and if those DOD contractors that are out there on base have to meet certain requirements for cybersecurity, you would expect that you as a managed services provider have to meet those same requirements. The answer is yes, absolutely you do. We're talking about some serious policies and procedures, some serious hardware to help make sure everything's working right. Some serious monitoring of the hardware and the software and the alerts. It's a lot of work. We've talked about it before. Basically, if you have less than 200 people, you probably can't afford it. There is no easy button when it comes to the NIST 800-171 or the CMMC standards. So you turn to one organization, that's a managed service security services provider and you expect that they are going to be able to take care of you. I don't think that's unreasonable. What should you be doing? How can you have these guys take care of you? The answer is almost none of them can. No, they'll say so. They'll put a nice little logo up on their site and, Oh my gosh, aren't we just, Mr. Wonderful, Mrs. Wonderful. In reality, many of these companies know the buzz words. They know the key phrases, but they are not up to snuff when it comes to doing security or including their own security. So they'll go to other vendors. They go to distributors, try and get some help. This goes back to how I started out here, talking about these tech shows, where the host really knows very little about the actual technology. You want someone that understands. If you want a good meal, you're going to go to one of these celebrity chefs. They know the business and they know the business from the start to the end. You're not going to go to a fry cook for Wendy's, in order to get a great meal. Now, you might get a decent meal. So the Department of Defense is now pushing all of these standards down to the MSSP's. This is why we are actually a Master Managed Security Services provider. We provide security services through and for these Managed Services Providers, I think that just makes a whole lot of sense, but these companies have access to other businesses. Computer networks have been under attack forever and this now proves my point I've been trying to make for years. Which is the SolarWinds attack was directed at 22,000 companies that call themselves Managed Services Providers. Why? Because that's where the money is, that's where the access, the keys to the kingdom are for so many companies and so many government agencies are these managed services provider. Now, this is difficult because I promise this week to get something out about selecting a managed services provider. I have something, if you want a copy of it, make sure you email me ME@craigpeterson.com because I got a little checklist that I put together. It's one of these generic ones. I'm not trying to say, Hey, you got to hire me. You know how that goes? Where they put out an RFP, requests for proposal and there's only one company in the whole world that could possibly meet all of those specific requirements. Been in business for 30.6 years, is located within two miles of us, et cetera, et cetera. No, that's not what this is. This is a real nice generic list that you can use to help evaluate anyone out there that is going to be helping you out with your security. So whoever it was, the Russians, most likely knew what they were doing. So they got not only the 22,000 managed services providers that got them in their site, but they also got all of these government agencies, and all, but one, of the Fortune 500 is right there in their sites. They are not stupid. This was a very difficult hack and they pulled it off. They would have been continuing to pull it off, frankly, for a very long time. So if you outsource your IT, which you have to do, because that's the only easy way to get some real talent part-time, which is what most small businesses need. They don't need necessarily full-time on their staff, but they need full-time attention. and you got to pay attention. Drop me an email. me@craigpeterson.com. I'll be sure to get it back to you. Ransomware is no longer just the domain of basic hackers or even NationStates. Like what we saw with this massive SolarWinds hacks and targeting managed services provider. It is now changing ransomware in a big way. What is behind the headlines and really helping people to try and understand it a little bit better? I've always been told I'm good at and something I do enjoy doing. I guess that's a good thing, right? For you guys, as well as for me. Ransomware has been evolving over the years. We've talked about it here on the show before, but the idea behind ransomware that those people who aren't familiar with has changed from really one idea, now, to two core ideas. So the first idea is the one you may be familiar with which is they get some malware on your computer. However, it might be, they might be sending an email phishing email, trying to trick you into clicking on something and then installing some software. It might be via a worm or a remote hack, right? It could be a little virus that gets in, but the idea behind ransomware is that it gets on your machine and then it phones home. Some of this stuff is very fancy. You can go onto the dark web and you can find ransomware for cheap money. You can even buy ransomware as a service. So what you do is you send out the ransomware to email addresses, right? The ones you've bought or stolen or harvested from the internet. Another reason, by the way, you should never have your email addresses up on a website where it's easy for software to grab. Ransomware as a service does everything. Some of these companies, my gosh, you pay them either a fixed fee or a fixed fee plus a percentage of your take and they'll run the whole gamut for you. They'll provide tech support for people who get ransomware. Here's what will happen. That person clicked on that email. They installed that software that got the virus. There was a drive-by worm, whatever it might be and in the background now starts encrypting all of the major files. It looks for things like word docs and Excel spreadsheets, et cetera and it encrypts them all. It calls home first, nowadays, for instructions and tells the bad guys, "Hey, here's the key I'm using to do the encryption." It gets really fancy today. We'll get into that one in a minute. Then it pops up on your screen. "Hey, all your files are encrypted. You got ransomware to contact us." It gives you an email address or something else to contact them with. It has a big takeaway. It says, "Hey, you've only got so many hours to contact us, or the ransom goes up and goes up" To try and get you to move, and then you will pay via Bitcoin. Almost always. Which, by the way, has been driving up the value of Bitcoin. Because people have been buying it in order to pay ransoms. So that's what we're used to. The newer ransomware does things a little bit differently. So it gets onto your machine in much the same way. But the next step that it takes once it's on your machine, is it starts looking at files and finding files and usually it'll wait because what it's doing at that point now is it's pumping, poking a hole out of your network, back to the main controller for the ransomware guys. So it gets on your machine. It grabs the names of some of the files. It then connects back to home. It calls home. Once it's called home, it sends the names of your files and then it sits there. Now the ransomware guys are pretty busy actually. Cause so many people to fall for this stuff and haven't done what they needed to do to keep the ransomware out. The ransomware guys, usually within a few days, will then remote control your computer and they'll poke around and they'll find, Oh wow, here's client lists. Oh my gosh, personal information. I can sell that for as much as $20 a record. That's a lot of money, right? Especially for someone in Eastern Europe, which is where most of these things come from. Then what will happen is they will look around some more and they'll start trying to spread laterally, East, West, inside your network. So now they're inside your network and they say, Oh my gosh, there's 20, 30, 40, 50 machines in here. It'll try and infect these other machines using the same or different techniques where it tries to spread like a worm, or a little virus, going around inside your network. And then it says, Oh my gosh, this is a medical office. Oh my gosh, this is a Department of Defense manufacturer. It's. Oh, wow. Wow. When they got all of these records, all of these data. They might find things like also bank account numbers and transfer numbers, ACH accounts. All of this stuff. That's what it's looking for. Now. It's doing all of this in the background. You don't realize what's happening. Your computers just work in a way at this point that is probably not even slow. Then the next step that they take is they decide, okay, what are we going to do? You know what? I think that we can extort money from this person if we pull these files. So they'll grab a bunch of files. They don't remove them from your computer. They just make a copy of them from the computer, from your file server or wherever they are in your network. It may be all of your files and may just be a few of them. Once they're done with that, they will either encrypt everything and hold for normal ransom or not. If they hold you for normal ransom, the same normal stuff applies a little red screen comes up. Oh, you've got ransomware. We can help you fix it. Contact us, give us a copy of this number. Take a picture of the screen and then off you go buying Bitcoin and paying them off. Remembering because you listened to this show that the Department of Justice may come after you if you pay the ransom for supporting terrorists and terrorist demands, but that's a separate issue. Now you get your key to decrypt and according to the FBI, about half of the time, you'll get all your files back. Okay. So far that all sounds pretty normal, but the next part is what they've been doing more recently, which is. Okay guys, thanks for paying that, by the way. We are a different company. We're a different group of bad guys, and we have copies of some of your files and unless you pay us. We're going to release those files out on the internet, the dark web, or maybe the regular web put them up in a paste bin or wherever they might want to put them. Pastebin is a website that hosts these files, zip files, and other things with all kinds of information in it. That is obviously sensitive because why would you pay extortion otherwise? So that's what they do. Secondarily, they try and get you to pay them to not release your data. Okay. So in many cases, you have paid twice, you paid once to decrypt the data you paid a second time in order to gain access to that data. Or excuse me, just stop other people from gaining access to your data. Does that make sense to you guys? That's what they've been doing. Now we've got a new scale that these ransomware guys have. They are really catching up quickly with the Nation States that we've been talking about earlier. These are called advanced persistent threat groups. Just the regular gangs now have stepped it up. You can get this show and many others via podcast. Just go to my website, Craig peterson.com. Ransomware has gone from being opportunistic over to the other side, where they may spend months or even years on a network and a business and a government. So we're going to talk about the East-West spread of ransomware. We've had a major hack this week that has affected federal government agencies, all but one of the Fortune 500 agencies. It's affected 22,000 of these managed services providers potentially at least 18,000 organizations are confirmed with being affected by this. We're thinking it's Russia, but who knows? You cannot really tell. In the last segment, we went through the major changes in ransomware over the years. As I mentioned, the intro, opportunism, that's been the name of the game. They just send out a lot of feelers. They do a lot of scanning and they find somebody that is just vulnerable. That's the bottom line. They want vulnerable businesses. Once they find a vulnerable business, they move to the next step. That next step in the past has been just encrypting everything so that you and I really have no way to respond to it. It has gotten fancier. These advanced persistent threats are what the name implies. They're an advanced attack method. They're persistent. In other words, once they're on a network or on a machine, they stay there and there is a threat because of these ransomware groups, such as DAPL, painter, and revival. Have gotten on to the networks have been very targeted at what networks are trying to get onto. They want networks of businesses and these cyber-criminal hackers find vulnerabilities on the networks as they move around inside the network. That's what East to West is moving around inside finding other vulnerabilities. They often spend months laying the groundwork to compromise the systems with ransomware before finally unleashing the attack and encrypting the network. They've found that phase two, which was let's get on the network. Let's find the valuable files. Let's hold them for ransom. That just takes a long time. If they've stolen people's credentials, if they've stolen, social security, numbers, bank, account numbers, credit card numbers, et cetera. It takes a long time to sell them and get their money back. So they really aren't trying and to speed things up, frankly, spending months on a network isn't unheard of and it's become more and more common. These threat groups will hide for even years before they are detected, if they're detected at all, their goal is surveillance of the network. Finding all of the weaknesses and then stealing sensitive data, rather than just making money right off the bat with ransomware. These groups are making millions of dollars per attack. It's become so effective that many businesses if you look at their filings with the security and exchange commissions, are buying Bitcoin in preparation for a ransom. Isn't that something, in other words, they expect a ransom to happen. So they're just buying Bitcoin. So they have it to pay if it happens. Okay. So the there's been this transition from being opportunistic. Into the types of threats, we've seen from NationStates here for years. It is much more profitable for these bad guys to completely cover an organization with ransomware. Now, remember that's not necessarily the primary target, but it's also a really good cover for them because now you're trying to deal with the ransomware threat. So what do you do if you have ransomware? The best thing is don't get it in the first place. We've gone over that quite a few times here on the show, but the basics: Make sure you're running windows defender, Make sure that you are using Umbrella, so they have a hard time calling home. Make sure you go on to the next stage as well. Maybe add Malwarebytes. You also have to protect that network. I am a Cisco reseller and we have techs that are fire jumper certified. We know what happens. We can come in afterward and do clean up. This, unfortunately, is how we pick up most of our customers. Or we can go in beforehand and help to protect you because you want to stop them from getting in. The regular email filters just aren't enough. So we run it through just all kinds of tasks. We had an email from one of our clients here just about a week ago saying, Oh, I got this email. It seems to be fishing. How did that get through? Yeah, we stopped a thousand of those. It's types of emails and one snuck through. Nothing's perfect. We've got to remember that as well. So if it does get in someone bringing in a thumb drive from home or using the VPN into the office, that hasn't been properly protected. Most of them aren't, by the way, everybody that gets in, what do you do then? Hopefully, you have a good backup. You're probably going to have to wipe all of your machines. Depending on the threat involved, that might be pretty difficult because they can get into different parts of the machine that you just can't get them out of. The next evolution of ransomware is that these groups gain more experience with these successful attacks. That time where they're taking between that initial compromise could be months or even years, that amount of time will become much shorter. Meaning there's less time to potentially detect this suspicious activity before it's too late. We know from what Talos has been reporting, as well as others, that the compromise timeframe where they poke around inside your network is nowadays somewhere between three and five days. So you have a few days to catch them in your network. Now, if you don't notice them, well it's probably a little bit too late, but again, hopefully, have good backups. Having good backups means, by the way, the three, two, one principle on backups. It means that you need to be testing them as well. Make sure you can restore your business from backup and you might even want to do what we've done for our bigger clients, a one a multi-national where we had backup hardware there at their facilities. So if something were to happen, let's say that there was a fire in the front part of their building, where their main data center was, we could transfer all operations to the back part of the building, where we had our own servers sitting there that could take over at an instant notice. Then we also have servers in the cloud that have all of their data. In an attempt to keep them up to date in almost real-time so they can stay in business. That's what you need to do. If you're going to survive ransomware. Now there are also normal things. Make sure you're applying security patches to everything. Make sure you are using multiple network segments that can not communicate with each other. So for instance, your building control systems should be on a completely different network than your office workers' computers, and those computers should be on a completely different network than this server. They should be going through a firewall to get to the server and an internal one. You should have multiple layers of firewalls. In this company, I'm thinking of, this multi-national, we have seven layers of firewalls that you have to pass through in some cases, depending on where you are. That helps keep them out. Okay. The security patches you got to do, you've got to patch all of your internet of things devices. You cannot let people bring personal devices in. It just goes on and on. These are the types of controls, the best practices that we need to have. All right. You've probably heard of contact-tracing apps. Who knows what's going to happen with that virus over the next year or two years or what viruses might be coming after that. We're going to talk about the safety of the apps themselves. One of the big things that have been pushed in many parts of the world is contact tracing. Some states require us if we go to a restaurant to give our name, right? To give our phone number for contact. If there was someone at the restaurant who calls up the restaurant and says, "yeah, Hey, I came down with COVID-19 symptoms", then the restaurant's supposed to call up everybody who was there at the restaurant. Now, how effective is that? I really don't know. It's people, I would not want to give my information to people. I think we should just assume that we're living in a world with viruses and we should take precautions. If I was in the groups, one of the groups that were very susceptible to the virus. I think I would take a lot more precautions and frankly, isn't that the way it should be. If you are susceptible, then maybe you should lockdown. Not shut down - locked down, everybody else. We've never done anything quite this way before. You find typhoid Mary, and she gets quarantined, not everybody else. That's always the way we've done it. And it just makes a lot of sense. One of the proposals that have come out that they're saying, Hey, this is going to help us in the today and into the future, are these contact tracing apps? I'm looking at an article right now that was over on dark reading saying that they tested nearly 100 contact tracing apps. Now, these are apps that are on your smartphone that might use Bluetooth for proximity detection to another phone. They might use some other technologies. I've seen some that actually start to squeal and make noise. If you get close to somebody else that's running one of these apps. So that, okay, I'm within the one-meter limit. Of the nearly a hundred they tested, they found 40% had significant security issues. Either using GPS locations or Bluetooth proximity detection in order to determine your potential exposure to somebody else. Now, these are mostly apps that are not using this new Apple and Google exposure notifications protocol. I found that kind of interesting Apple has been very good at trying to preserve our privacy. In fact, there's a huge fight already going on between Facebook and Apple. If you have the latest version of iOS, you can go into the app store, look at an app, and I would challenge you to do that. If you've got your phone right now, iOS phone, and you're up to date, open up the app store search for the Facebook app. Then once you're on the Facebook app page, scroll down a little bit and it'll have a section in there on security that goes on for pages and pages. Yeah. More button. Okay. Read more of what it is that Facebook is doing with your data. So Facebook's pretty upset about that saying this is going to hurt small businesses who need to micro-target, and they're not wrong about that. Apple is saying, Hey, we're trying to preserve the privacy and security of people who use Apple equipment, which I absolutely do agree with. Well, a company known as Guardsquare, which is a mobile security firm analyzed 75 contact tracing apps, 52 Android apps, and 43 iOS apps and found that 40% did not use the Apple Google protocol that Apple and Google worked together on this to come out with. The bottom line here, what is it is going to be safe? How can we protect user privacy? This protocol is designed to protect it. Most of those applications used GPS system data too. Figure out your location of other people and linked it to the phone numbers or in some cases, passport identifiers. Now, GPS can be fairly accurate, but if you want it really accurate, you have to add to some other data that is transmitted by all major airports, because there's a variance. The density of the atmosphere, which can vary depending on whether it's raining, how much water is in the air, snow, and other things. They transmit variances that can be used in conjunction with GPS to get an actual, accurate location. Once you get into a building or have you ever been inside a big city and found all of a sudden your GPS data is just terrible. Your automatic map stuff just isn't working, right? Those big buildings are blocking the signals from some of the satellites that you are depending on. That's what they have found with these apps. Many of them are trying to use GPS. They are gathering that and keeping the information and selling the information, which is a bad thing. It's not terribly accurate. Okay. So first off don't use these apps at all. If you're in one of the risk groups, You are also now relying on other people to have the same app or the same protocol being used in order for your app to do any good at all, because they are combining the data from everyone that's self-reporting in an area to figure out if there's potential exposure. If they're not self-reporting, if they don't have that same app, you're not going to get any information. So in June, Guardsquare looked at 17 different Android apps and found only one that fully encrypted and obfuscated data. They have done a survey here in the last month and it has gotten a little bit better, but of those 95 apps, they found 32 Android apps and 25 iOS apps actually use the official API of the exposure notification system created by Apple and Google. So bottom line, don't use these contract contact tracing apps. They're not useful. They're not useful, if not enough, people are using them. Then to top it off, they are not encrypting the data and anonymizing the data. FireEye, man, this is the company that found out about that SolarWinds breach that we spent the first hour talking about today. FireEye is a security research company. Part of what you should be doing and is required to do is to have red team blue team exercises. What that means is you have people who are attacking your network, and then you have people who are defending the network. So you have a team of people whose goal is to break in and another team whose goal is to defend. You might remember. I talked to him about a company that hadn't been hired to do this out. Where was it? Missouri or something. They tried to break into the courthouse that they had been hired to test. Then there was a dispute over turf and everything else, and these guys went to jail and they had to go to court. The whole thing was quite the mass. Okay. That's a red team- blue team type strategy. We don't do physical incursions ourselves. It's just a little bit too risky for us. It takes more people more time, but we do the type of Computer incursions and FireEye has red team tools that are used to break in. That is a problem because FireEye was compromised as part of this SolarWinds hack. Their tools were stolen. These are the FireEye red team tools that are used by their security teams to break into businesses. This is the gift that's going to keep on giving. You might remember the NSA was broken into and their red team tools were stolen. The tools they use to monitor foreign governments and officials hack into computers. Well, this is a real problem. Okay. Many of these red team tools that were stolen from FireEye have already been released to the community and there's even an open-source virtual machine called commandoVM. Just absolutely unreal. Apparently, none of the red team tools that were stolen by the attacker contain zero-day exploits and they apply well-known methods to break in. In other words, if you had been patching your systems, taking care of it, unlike what happened with so many companies out there. Right? Home Depot, what happened to them? The TJX community of businesses, Equifax on and on Who did not keep up with best practices or even patches you might be okay. But if you are more of a security guy, like I am they have released hundreds of countermeasures that you can use, including things like Open IOC, Yara, Snort, ClamAV, all tools that we use here as well. There's a whole FireEye git hub repository. Git Hub is where people can distribute software and things. It's usually used by the open-source community and they've got directions and what you can do and everything else. So I think FireEye has responded extremely well to this. It's going to hurt their business. No doubt. It's going to hurt a lot of other businesses. No doubt, but I really like what they have done and you can look it all up online. If you want a little more information. Just email me ME@craigpeterson.com and it might be time for me to put together with other, a little course, Oh, maybe a big course on how to use these tools to test your own security as well as to defend your security. That's it for today. Thanks for joining me. Make sure you join me online as well. craigpeterson.com. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

covid-19 united states tv director netflix california canada health australia google europe donald trump kids china apple british west video russia ms chinese elections russian holidays united kingdom western tools resolutions drop professional fortune meaning congress east fbi security defense watching bitcoin missouri violence republicans pc massive android private democrats streaming ps figure mac cuba computers ios venezuela xbox wikipedia ranking intelligence windows gps hack senators wifi pfizer depending pentagon nancy pelosi excel boeing soviet union national institutes dominion improved api communists eastern europe cisco homeland security home depot internet of things bluetooth astrazeneca congressman ach orion nsa xi jinping norton github best buy duo daily mail ransomware vpn umbrella dod rolls royce airbus william barr hsbc ccp sha tech talk equifax contact tracing rf east west msp solarwinds lastpass treasury department nist rfp dni cisa apple google eric swalwell select committee talos red team nation state msps fireeye commerce department snort blue team malwarebytes mssp gateway pundit dapl google authenticator tjx windows defender secondarily dark reading pastebin craig peterson cisco umbrella clamav

19. Field Marketing: Traveling the World for A Living

Leap of Fate

Play Episode Play 56 sec Highlight Listen Later Oct 12, 2020 60:49

Who doesn't want to get paid to travel for work for a living? In this week's episode of Leap of Fate, Emma Ulrey, my good friend, and colleague at Cisco Umbrella comes on to speak about her role as a Field Marketing & Programs Manager. For Cisco, Emma has traveled to 3 continents, 30+ states. Some of the cities all expenses paid for work: Barcelona, Cancun, New York, Austin, Las Vegas, San Diego, San Francisco, the list goes on…At each city, Emma has enjoyed its world-renown culture, all with the purpose of engaging Cisco's customers! Does this sound like something you would want to do, all on Cisco's dime...! If this is you, then Field Marketing is the perfect job for you! The idea is simple: it involves selling a product, distributing promotional information, and personally connecting with target buyers.Field marketing can take many forms, and in the B2B world, you’re likely supporting sales, teaching a class, leading a workshop at a conference, or hosting a demo at an event. If you’ve ever been to a conference with an exhibitor table, that’s field marketing. If you’ve ever been to a company-sponsored meetup or live digital event, that’s field marketing too.However, with Covid19, the shifts from being in the field and traveling to digital marketing and online events have presented a unique challenge for field marketers to come up with innovative and new ways to communicate and track their field marketing initiatives. Yes, it sounds fun, but there is a lot of coordination, pressure, and logistics that goes on behind the scenes Emma will detail for you! Get ready to learn about what marketing is, specifically Field Marketing, and how you can

covid-19 new york las vegas san francisco san diego field barcelona traveling fate b2b leap cisco cancun programs manager field marketing cisco umbrella

Episode 183 - Damn Fine Cans

IT Babble's Podcast

Play Episode Listen Later Sep 15, 2020 61:42

1) Back at school in a COVID world a) Tony’s motto: “You have to think of every student as a virtual student that occasionally comes to school and if you do that your planning will fit every scenario.” b) GoGuardian: https://www.goguardian.com c) Cisco Umbrella: https://security.umbrella.com 2) Why your online streaming is bad and mine is good a) iPad solution b) Euro Mic Stand with Klip c) Disable iPad audio d) DJ Podiums e) iPad is a “person” in the meeting 3) Virtual Parent Conferences a) Zoom Waiting rooms b) Prep with teachers and parents c) Google Meet deadline - Sept ember 20, 2020 4) Streaming in the Classroom - Final verdict! a) Windows schools - Microsoft Wireless Display Adapter b) Mac schools - Apple TV c) BYOD schools - BenQ Instashow/Barco WePresent

covid-19 streaming mac prep ipads windows apple tv cans google meet byod klip goguardian cisco umbrella microsoft wireless display adapter

AS HEARD ON: WGAN Mornings News with Matt Gagnon: Online safety for kids, Wordpress Vulnerability and Apples newest iOS release

Play Episode Listen Later Sep 10, 2020 7:34

Good morning everybody! I was on with Matt this morning and we began with talking about how to protect your kids when they are on the internet doing their school work and I gave a tip that will really help you. Then we discussed a Wordpress vulnerability and Apple's newest iOS update. Let's get into my conversation with Matt on WGAN. These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: [00:00:00] That will stop your kids from going to no malicious sites and some of the darker corners of the internet. Absolutely free. Check it out. Good morning, everybody. Craig Peterson here, and that was me with Mr. Matt this morning. It's been one of those interesting weeks. Monday of course, was a holiday. So I wasn't on the air. Tuesday, there was a problem with the board over at the next radio station that I'm normally on Tuesday mornings. WTAG would Jim Polito and this morning it all seemed to go all right. So here we go with Matt. Matt Gagnon: [00:00:38] It's seven 36 on the WGAN and morning news on Wednesday morning, which means Craig Peterson joins us as he always does at this time. Craig, how are you? Craig Peterson: [00:00:46] Hey, good morning. Matt Gagnon: [00:00:48] Doing all right. Thanks for asking Craig Peterson: [00:00:49] Confusing stuff, elections, and everything. My gosh, Matt Gagnon: [00:00:53] Indeed. So Craig let's get right into things here. Lots of topics to go into, but, cybersecurity and going back to school would be, I think, topical for us here to begin with, because of course, as I'm sure, most people in Maine were going back to school as of yesterday, whether they were physically going back to school or if it was remote, they were going back to school. So why should cybersecurity be on your back school list? Craig Peterson: [00:01:16] it's important because frankly, our kids are now being exposed to who knows what, when they're online. So the basics are your child is going online. Hopefully, they're just going to the school site. But how many of us are monitoring our kids very closely. The bottom line is they're not. And then, on the second side of this, we've got the schools themselves who are terribly overloaded and those poor school workers who are trying to do the, IT now has to protect all of the school systems from ultimately all of this malware that's coming in. From the students' computers that are hooked up to the school, depending on how this is working. So think about it for just a sec, your kids might be writing a paper and sending in maybe a word doc. We already know about problems with word docs and cybersecurity, where the macros that can be in some of those word docs. Can be misused. Then that gets sent into the teacher whose computers now infected. It may be stored on a server at the school that's now infecting more and more kids. So we've gotta be careful on both sides here, both the school and the parents. I have a quick piece of advice. There's some software out there you can get it free, or you can pay for it. I advise you to pay for it. A very inexpensive it's called Umbrella. Again, it's by Cisco, a very good in stopping some of the ransomware spread and you can get a version of Umbrella, right there, free from their website that will stop your kids from going to no malicious sites and some of the darker corners of the internet. Absolutely free. Check it out. It's called Cisco Umbrella. Matt Gagnon: [00:03:04] There are many dark corners of the internet, Craig Peterson, our tech guru joins us at this time as he does every Wednesday. Craig, I am a, on the side, an amateur WordPress developer. I noticed in the number of things that you had to talk about here today, that one of those things was that there was a gigantic security flaw in WordPress sites. About 350,000 of them have been affected in some fashion. What's up with this? Craig Peterson: [00:03:28] Yeah, this is a very, again, very big call for people to pay attention. We know we've got to update our laptops, our phones, even. Although sometimes you can't get updates on some of the older pieces of equipment, which I respond to that. Hey, get the newer pieces of equipment, if you can't get updates. When you're talking about WordPress, this is software that used to manage the content on your website. Most smaller companies use WordPress as the basis for their website. So the big question is when was the last time. You did an update on your WordPress site because again, it's software, it needs to be updated. There's a package that you're referring to here called file manager, which is a plugin. It advances, it augments the features. WordPress has. It has a huge vulnerability in it and people just have not been updating. Now in the WordPress side, there are some plugins that you can get that will automatically update your website for you and update your plugins for you. I use those all the time. worth looking into. Depending on where your WordPress site is hosted, some hosting facilities will do some updates to your WordPress site, most of them are afraid of breaking your site. Personally, I use WP-engine. Is the name of the site for hosting some of my WordPress sites, just the basic ones. They do keep it up to date. They've got great tech support. They cost a little bit more. In fact, it's a lot more. Matt Gagnon: [00:05:09] Yea they do. Craig Peterson: [00:05:10] Have a look at those. At the very least use one of these free plugins that will do updates for you automatically. Matt Gagnon: [00:05:17] Finally Craig, before I let you go, I do also want to bring up the new iOS update because we're living in a pandemic world and the new update has a system apparently inside of it that helps to fight against the pandemic a little bit in some fashion. What does that actually entail? Craig Peterson: [00:05:32] Yea, this was not expected, frankly, here? This is the new release of iOS. In fact, there is a little battle going on over the new. Releases that are coming out as well. We've got Facebook fighting back on it. There was this plan that we talked about Matt, where Apple and Google had a pandemic tracker who you've come in contact with. Well, Apple included it in the latest version of iOS as 13.7. People are a little bit concerned about it, but Apple does have it set up in such a way that it's not squealing or reporting on you. It does allow you to participate if you want to. It will prompt you to opt-in, to receive notifications. If this contract tracing data shows that you may have been exposed. So it's up to you. You can use it, or not use it, but it wasn't a surprise. We knew they were working on it, but we didn't know. That they were about to release it. Matt Gagnon: [00:06:32] Craig Peterson our tech guru. He joins us at this time every Wednesday to go over the world of technology. Of course, you can hear more details about this on his show, which has heard on this very station on Saturdays Craig, we appreciate you joining us as always. And we'll talk to you again next week Craig Peterson: [00:06:45] Hey take care of Matt. Thanks. Matt Gagnon: [00:06:47] You bet. Thanks a lot. Craig Peterson: [00:06:48] Hey everybody starting next week, we are planning to have some major changes up on the website, a new type of email. We're going to be sending out a couple of midweek emails with long-tail stuff. n other words, some information you need to know. Just reminding you, letting you know what's new that you can read in two or three minutes, just trying to keep this simple for everybody and keep everybody up to date. So keep an eye out for that. Everybody who has subscribed to my email list over at craigpeterson.com will be getting those. So have a great rest of the week and we'll be back on Saturday. Take care, everybody. Bye-bye. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

Welcome! Business Post Covid, Corona Virus Scams, Phishing, Microsoft Teams Hacks and more on Tech Talk with Craig Peterson on WGAN

B2B Tech Talk with Ingram Micro

Play Episode Listen Later May 8, 2020 89:59

Welcome! For being locked down do to this Pandemic there is certainly a lot of technology in the news this week. So let's get into it. President Trump issued an Executive Order to protect our Electric Grid from using equipment not manufactured in the US, Microsoft Teams is under attack, Phishing and Ransomware are in the News and What will Post-COVID Business look like? So sit back and listen in. For more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: Hey everybody, welcome Craig Peterson here on WGAN. It is quite a week. I just can't believe how fast time is going. So many people are at home with nothing much to do, they're watching Netflix, et cetera, and I am busier than ever just trying to help people out and I'm going to be doing more free training and stuff over the next couple of weeks. Now I've just been so, so busy. I don't know if you've heard any of my features here on the radio station. They're supposed to have started airing, I guess we'll see if they do air, but I'm putting together these kinds of filler things that are a couple of minutes long. The whole idea behind them is to really help. People with just various technology issues. You know, me, I'm focusing on security because that is what seems to be lacking the most, and especially when we're seeing what we're seeing right [00:01:00] now, which is all kinds of people. Just getting everything stolen from them. It Is crazy what's happening. You know, we're all working at home right now to some degree. Many of us, obviously you still have to go in and. You know, in foodservice and manufacturing, et cetera. But even with that, the bosses aren't necessarily all there. Some people are getting sick and are staying at home for very good reasons. I think we'll see more of that in the future. Someone gets sick instead of the old American worth work ethic of going in and getting everybody else sick. I think we're going to see a lot more of the, Hey, I'm going to stay home because I'm not feeling well. This is going to be interesting because so many companies have these sick policies, sick day policies that I've never liked particularly. I think some of those will change too, but what is going to happen here in our post-COVID world, right? We've got this COVID-19 of [00:02:00] course the Wuhan virus causes the disease. it's also called, what is it, C O V I D SARS-2? Remember SAR. SARS had a much, much higher death rate than COVID-19 is turning out to have. But there are many, many people that have this. And we've seen some statistics now coming out saying that even people that are staying home, this one hospital this week did some, a little bit of research and found that 60% of their patients had quarantined in themselves at home. Now that tells you something too. We, we still don't know enough about this whole WuHan virus and the diseases that it might cause. Some of the symptoms we kind of know, obviously when it comes to respiratory problems, is an acute respiratory disease, which is what SARS is. Yeah, we know the basics of that, but man, the stuff we've been hearing about people having circulation problems, having legs amputated, even people who are [00:03:00] in good shape, you know, I hate to see it, but I can understand a diabetic having problems, right. And maybe ultimately having a leg amputated because of circulatory problems that come with diabetes or circulatory problems that come with being morbidly obese or even just obese. Those all kind of make sense to me, but. I don't know there's just so much we don't know. One of the things we're trying to figure out is what does the business looks like? What is going to happen? And there's a great article that came out in the computer world just this last week that is talking about telecommuting. I think it's really kind of an interesting thing because what we're talking about is a disease that's going to be affecting us probably for the next 18 months to two years now. I don't mean like the whole country or world is shut down for that period of time. Obviously that would be catastrophic to everyone. We would have people dying of starvation if that were to happen, but what I'm talking about is really kind of like what happened with the Spanish flu. You know, every last one of us has had that flu that happened in 1918 and unless you've been an absolute hermit that I've never had any food, you didn't grow, et cetera, right? It just sticks around. And that's going to happen with his WuHan virus. Well, it is going to be around forever, frankly, now that it's been thrust upon us, however, that came to be. Depending on whether or not we've got a vaccine. We've got some really good treatment when they're in place. That's really going to be the point where we try and get back to usual. I don't know. It's so many businesses are doing layoffs. One of my sons. His boss was just furloughed and a couple of his team members were furloughed. He's [00:05:00] kind of low end to management. He has a team that he supervises, and so the supervisor, one of the supervisors of the team supervisors got laid off. So when the business gets back going again, are they still going to have that extra layer of management in the middle? I don't think so. And some of these team members that were laid off are not necessary, you know, not, not talking about my son here, but just in general. But some of these team members that have been laid off in businesses are not necessarily the best of employees. So what does that mean? The owners and executives and businesses are going to have to find themselves running businesses in very different ways. I talked this week a little bit with Matt. Of course, I'm on the radio pretty much every morning during the week on different stations, but I was talking about what is [00:06:00] happening. What are we looking at? Where's this going? And one of the things that came up was, Hey, listen, we have these executives at the C-level. We have all of these people down, the front end, is that going to change the way most businesses work? And obviously I think the answer to that is yes, right? Absolutely. Yes. The vast majority of the burden to put together these new businesses and new operations is going to fall to the people in information technology. That's exactly what we are doing. So we've got to have it, executives, starting to talk about what does the business look like going forward? What should they be doing? How can they have an infrastructure that works for the employees and that is safe and secure because the bad guys have [00:07:00] redoubled their efforts and there are so many opportunities to them now because there are fewer eyes watching everything? Right now. Working from home is a term. That many people are using. And frankly, if you want to guarantee that the business change is going to fail, maybe you just call it working from home. Telecommuting on a corporate basis can work, but that's not everybody. That's not where we're all going to be here when we're talking about these multibillion-dollar companies. Barely any of them had true corporate work at home or telecommuting pre-COVID-19 now, some of them did in some cases, but frankly, the big distinction between work from home and corporate telecommuting is that [00:08:00] they thought work at home was an occasional thing for convenience. So, or you're not feeling well today. There's a blizzard, there's a big storm out there, or there's a power outage at the main office because they're, they're doing some construction. Some businesses also said, Hey, listen, every Friday during the summer, you know, you want to stay home once a month or whatever, just go ahead and do it and work from home. That's not corporate telecommuting. Telecommuting is where the employee or the contractor, these people who are working on a gig basis are based at the remote location full time. Now I've talked a bit about the gig economy. And gig workers before on this show, and I've talked about it many times on, on the radio and TV, but in case you don't know what that is, the gig economy is a major change. We started to see a few years ago where people, particularly businesses, were looking and saying, Hey, listen, we don't need to have all of these people on the payroll. Because in reality, this job is part-time. So why would we pay someone full time when it's a part-time job? And why would I have one person working at it when I could have three, four, or five people working at it when necessary. So all of a sudden there's an uptick in my business. Instead of having to try and find someone else, hire someone else, bring them in or, or turn down the work because I can't possibly handle it because I only have this one person who was part-time before. What we ended up doing is saying, Hey, How bout we just find people to do this one narrow thing, and the more narrowly the task can be defined, the better of the businesses because the cost goes down. [00:10:00] The more complex a task is, the more expensive it is. And you look at something like Amazon Mechanical Turk in case you're not familiar with that service. Amazon has, there are people who maybe some of you guys are doing this, who sit there and do very small, very narrow tasks for typically a fixed price. So it might be, get me the phone number and name of this doctor in this town. And you're paid a penny or whatever, 5 cents for doing that very, very narrow task. So they can go ahead and they have someone else saying, find me the name of all of the doctors that meet this criterion in this town and get me their names, their phone numbers, and their addresses. Much, much cheaper to break all of that down to the business. So they're looking at things like Mechanical Turk, but they're also looking at sites like Fiverr, which I've [00:11:00] used before as well. F I V E R R.com and if you go to fiverr.com in fact, let me go there right now while we're talking, you can find people to do almost. Anything for you. It says right on their homepage here, find the perfect freelance services for your business. And most of these are very narrow tasks. And their original idea is you, you know, five bucks, they discharged five bucks for it. And, you know, isn't that. or more reasonable thing than having to have an employee and having to have all of the expenses involved. All right, so I'll stick around. I wanted to finish this up here. A little bit of wandering and meandering as we're talking about. What does the post-WuHan virus world look like in the business space? You're listening to Craig Peterson, on W G A N and online at Craig Peterson dot com. Craig Peterson: Hi guys. Craig Peterson here on WGAN and of course online at craigpeterson.com. We were talking before the break, a little bit about the post-Covid 19 world. And I started talking about the gig economy and what it really is, what does it really mean to us? And I was just talking about a website called fiverr.com which kind of defined the whole gig economy for a while, frankly, for a number of years. And now there are more sites out there as well. But really Fiverr is the place to go online. So they have things like design a logo. Customize your WordPress website, doing voiceover whiteboard work for people. SEO, which is search engine optimization, illustration, translation, data entry. Those are kind [00:01:00] of their top categories, and you can go there. You can find what people are doing, what they're offering, what's the best thing for you, for your business? What might you want to consider? If it is really quite good and there are a lot of true experts that are making there. Their talents available to businesses now it's not just five bucks to do something. Some of these are a lot more expensive and some go on an hourly basis and, and I've used a number of other websites in the past in order to get people to hire people to do things. Upwork is one of the other big ones. U P W O R K.com. Check that one out as well. Whether you're looking for help or you want to provide help and sell some help. But upwork.com is another good one that I've used. And in both cases, I can go and post something and say, Hey, this is what I'm interested in. Having done and people will bid on it [00:02:00] for you. Now, a little inside tip here you might not be aware of in that is if you want people to bid on it, they have to be aware of it, and the only way they're going to be aware of it usually is if you reach out to them. So you have to do a bunch of studying and research and advance so that you know who looks like they might fit for you, and then you have to send them an invite directly because most of these people, especially the good ones, are not sitting there just waiting for a general. Query to come in, Hey, I need somebody to do a logo. Now they don't pay attention to that because they are in demand. So you have to find the people that you want to do. For instance, your logo, whatever the work is. So you'll go online, you'll look around, you'll look at their samples, they've posted, you'll find a few people, and I've found usually in order to find somebody that's good. I have to reach out to as many as 50 five [00:03:00] zero people on these websites to get the attention of somebody I really want. So if you are top-rated, it's phenomenal. They have ratings like at Upwork they have really great ratings and stuff for who some of the better people are. It really helps you with your decision. So when we're talking about the future, it's not just telecommuting. Or you might have lost your job. So what do you do now? I know, for instance, one of our listeners here, Linda, she reached out to me and I helped her with some, or actually one of my techs helped her out with some of the problems she was having. because she has lost her business actually, I think it was, and she's trying to start another one by doing website evaluation. You know, that's a perfect opportunity for somebody. To go to Fiverr or Upwork and see if they can't dig up a little bit of work as well. Now when you're first starting out, you're going to have to look at [00:04:00] those main feeds and you're going to have to comb through them and approach people. And you'd probably have to do stuff for really cheap until you develop a reputation. Cause you have to have people giving you those five-star reviews. But it's going to take a little bit of time. Now, one of the big questions that come up is payroll taxes. And when we're talking about the gig economy, the IRS has a set of standards that are in place that help you evaluate whether someone should be treated as a contractor or if they should be treated as an employee. And there's quite a bit of IRS case law if you want to call it that, IRS rules and regulations that have come out of the IRS courts that are paid by the IRS and judges work for the IRS and they get to decide what's right or wrong with you, right? But, there have been a lot of cases that say, Hey, listen to, here's where the line is drawn between a [00:05:00] contractor that you can pay 1099 and somebody who's W2. And that line that we're talking about is, is not just, Hey, they're working at home. Yeah. They're working from home. Well, do you supervise them? Do you give them the work that needs to be done? Are you setting deadlines? Are you telling them what equipment or software to use? You know, you need to talk to your attorneys, reach out to your accountant to figure out what all of those rules are and how they apply to you. But it, this adds yet another little twist to it. You know, it's one thing if you have just this limited task and you hire them once to do the task, like, okay, I need a logo design, or I need to have this changed on my website, or. Whatever it might be, and that's all well and good and that probably fits the contractor definition. Probably don't even have to 1099 them if you're using one of these sites like Fiverr or [00:06:00] Upwork because they're going to take care of it for you. Some of these sites will do tax withholdings for people and there's a lot of things they'll do, but where they are living also now. Will it affect your payroll taxes? So let's say that you're going to keep people on as employees and your businesses in New Hampshire, but they're living or switch it around here cause it doesn't work for New Hampshire. Right? But let's say they're living in a different state with a different tax jurisdiction. And you are your businesses in a state that has income tax provisions. I know in the Northeast we have some agreements between the States because of, of course, New Hampshire has no income tax and they're the ones that are always used for these things. But, there was an agreement between the state saying, Hey, listen, if they live in mass, you have to pay mass taxes. If you live in New Hampshire and you work in mass, you have to pay mass taxes. If you never ever stepped foot in mass, you have to pay mass. No, you don't. But did you see what happened in New York where? The governor of New York has come out and said, Oh yeah, by the way, all of you people that volunteered your time, if you stayed in New York for more than two weeks, you need to pay us income tax even though you were a volunteer. It just gets crazy. Right? So how do you keep track of all these jurisdictions? And if you're hiring people that live in some other state, they're in Illinois, they're in California, they're in one of these blue States that has crazy regulations and high taxes. Now you have to worry about all of that sort of stuff. Okay. It is really going to be difficult. The employee's home is in Atlanta. The company needs to treat that is an Atlanta office or Bureau in every way. If what's the legal [00:08:00] nexus? I've seen cases where just having a phone number from a state was enough to say, yeah, you are a resident of that state. It's really kind of crazy and not just a resident. I'm talking about businesses here. You have a business nexus there, so you have an Atlanta phone number and you don't have an office there, et cetera, but somebody answers that phone. Even if it's not in Georgia, you could get nailed you. Do you see what I'm talking about? This is absolutely going to be a huge, huge different corporate telecommuting is going to just drive us all crazy. Frankly, and in some states, you have not just the state tax, but you have a County tax, you have a city tax, all kinds of different local taxes at different percentages. I remember I had some stuff going on in Washington state, and it was different [00:09:00] tax rates, even for sales tax. You've been on the County, you were in. It, it kind of gets crazy. So, you're going to have to change their tax status if they're doing a hundred percent of their work in that other jurisdiction. And I think that's going to end up being a problem for a lot of people. So keep, keep an eye on that one is, well, ultimately this is going to lead to I think, nothing but confusion. Anyways, we'll move on to another topic when we get back enough about all of the taxes and things you're going to have to worry about with people working from home. But boy, there are a lot, no time to let your guard down because of Corona fraud. Is a huge threat. And what's we'll talk about what those real-world threats are. So stick around. We'll be right back. You're listening to Craig Peterson on WGAN online, Craig peterson.com Craig Peterson: Hello everybody. Welcome back. Craig Peterson here, WGAN, and of course online at craigpeterson.com. Talking a little bit, of course, it is hard to avoid this, how it got into the post-COVID world out there. What does it really mean? We're just talking. In the above telecommuting and how it's really going to cause some stresses on businesses. And you know, we've already talked in weeks past about how it's going to help businesses with a number of different things, including helping them with their ability to cut costs on, on travel and office space, et cetera. But there are a lot of other things to consider as you just went over. Oh, now we got to talk about what is happening to us at our homes and our businesses from, of course, the security side, because it's no time to let your guard down. Coronavirus fraud is a huge threat and it's been growing. We're seeing constant warnings about it from the FBI and from. These are various security companies that are out there. Certainly, we're getting all kinds of alerts from Microsoft and from also the Cisco people, but the scammers, the bad guys out there are just constantly reusing old ways of hacking us. And they're using scams that they've used forever as well. And that's part of the reason why I always talk about making sure you stay up to date. It's more important to stay up to date right today than it ever has been before. And scammers are rehashing. Some of these campaigns, kind of like the, remember the Nigerian [00:02:00] scams way back when? Some of those are back now in a bit of a different way. So we've got countries now, and of course, our States are starting to try and get a little bit back to normal here that got some paths to recovery. And in many cases, they're trying to get rid of some of these lockdown restrictions. But meanwhile, the crisis has brought out the worst in these con artists out there. And there's a great article by Ammar over at, we live security talking about some of this thing because. Really, they're exploiting every trick in their book when it comes to trying to defraud people. They've been trying to impersonate legitimate sources of information on a pandemic. We've talked about that where they'll send out an email saying, click here to look at this map of the pandemic, and there might be ads on that or might even be worse. Various types of spyware, obviously the that they're trying to put on there, but they're trying to defraud people and they've got also these fraudulent online marketplaces set up where they're offering deals on everything from hand sanitizer through toilet paper, eh, some of the masks and things. In fact, we just saw it was like a, what was it, $250 million, or maybe it was $25 million, refund from the Chinese for some state that had ordered some of these N95 masks that, that did not meet the standards. So. The scams are everywhere, and as I said, States are getting nailed in this as well. And the most popular, by the way, COVID 19 map. If you really want to see what's going on, you should go to Johns Hopkins University and there's a professor over there by the name of Lauren Gardner at civil and systems engineering, a professor who's working with some of her graduate students. To keep this up to date. So you can go there right now. and it says it's Coronavirus dot EDU, which is, of course, John Hopkins University, which is one of these teaching universities, that is a teaching hospital, but they're showing how many deaths globally, more than a quarter-million. Oh, almost what is getting close to 80,000 deaths in the United States. I also saw some really interesting numbers that were published this week in a scientific journal about how, you know, we're, we're looking at these number of deaths and we say, okay, 80,000 deaths, which is always horrific, but a. Normal flu year would get us what, 40,000 to [00:05:00] maybe 80,000 right? We had a really bad flu year a couple of years ago, but they delved into the statistics behind it. Now, this is where it's really kind of gets interesting because when you look at those statistics behind the normal. Flu, the flu pandemic, I guess they really are. it turns out that the statistics are heavily inflated and they, it's done because we don't track flu deaths like we're tracking the COVID 19 nowhere near as much detail. People that might have died of bacterial pneumonia in years past who were to be counted as a flu death. Now that is a bit of a problem. Right? So what do you do when you have these bad statistics? They're saying that some of these years where we reported 20,000 or more flu deaths, [00:06:00] actually may have been a thousand deaths in reality. So, Right. Any, anyway, so I'm kind of rambling a little bit here, but that brought it up when I was looking at this Johns Hopkins map here in front of me, how many people have died? How many people have recovered? It turns out that at this point that this COVID 19 flu is definitely more fatal. Then the normal flu season and the article I was reading in the journal were saying it could be as much as 44 times more fatal than an average flu year. Now that's really bad, isn't it? When you get right down to it, 44 times more fatal. but we don't know yet. Right. That's kind of a bottom line on all of this. We just really don't know and we're not going to know for a while. Anyways, back to it. [00:07:00] These maps, and I'm looking at a picture of one right now that was in, we live security.com, which is a map. It looks a lot like the John Hopkins map, and it probably is actually, and on top of that, it's got an ad for, you might need disposable coveralls with a hood protective suit. Now. Is this good? Is this not a good suit? They say, click on that to see it on Amazon. And Amazon certainly could have these for, for sale, but are they really sending you to Amazon or are they sending you to some other site out there? Right. What are they doing? They've got a live chat. They've set up. It's, it's really kind of amazing what the bad guys have done. They put a lot of work into this. The world health organization. you know, I don't know, the bigger, the higher up a government or non-governmental entity is in the food chain, [00:08:00] the less I like them, but they do have their own dashboard showing you what they think is going on. With the Coronavirus, so you'll find them at who dot I N T, which is the world health organization international, and they've got a big warning right on their homepage. Beware of criminals pretending to be the world health organization. they will, they're saying they will never, they, the world health organization will never ask for your username or password to access safety information. They'll never send email attachments you didn't ask for. They'll never ask you to visit a link outside of. Who dot I. N. T. They'll never charge money to apply for a job, register for a conference, or reserve a hotel, and they'll never conduct lotteries or offer prizes, grants, certificates, or funding through email. So that gives you an idea of the scams that are being pulled [00:09:00] right now when it comes to the world health organization. So don't let your guard down everybody, these emails that are going out are a real problem. They've got fake one-stop shops for all of your pandemic needs. That's a problem as well. Just just be very careful where you go. I'm looking at some emails as well. They've got tricks and there are many of them are the same old tricks they've always been using. Don't fall for the tricks. All right. Stick around. When we get back, we're moving on again. We're going to talk about this new executive order from President Trump. Is it going to make us safer? You're listening to Craig Peterson here on WGAN and online Craig peterson.com. Craig Peterson: Hello everybody. Welcome back Craig Peterson here. You can find me on pretty much any podcast platform that's out there. One of the easiest ways is to go to Craig peterson.com/whatever your favorite podcast mechanism is. iTunes is kind of the 500-pound gorilla. They're not the 800 anymore. They're just 500 and you can get there by Craigpeterson.com/itunes. Craig peterson.com/spotify Craig peterson.com/tunein whatever your favorite might be, you'll find me right there. So let's get into our next kind of controversial topic. And this has to do with President Trump's ban. Now it went into effect on May 1st, so it's been around for a couple of weeks. It seemed to be something that was released kind of at the spur of the moment. And it has to do with cybersecurity and the critical infrastructure. Now, you probably know that I ran for a couple of years, the FBI's InfraGard webinar training programs, and we did a whole bunch of training on critical infrastructure stuff. That's really kind of the mandate for InfraGard, but critical infrastructure. Now, just look at all of the jobs with Colvid 19 that were considered critical. The critical infrastructure really encompasses most of the economy nowadays. Even law offices are considered critical infrastructure. He said with a chuckle. Now that can be a problem. It can be good. It can be bad. It really kind of all depends, right? But bottom line, when I'm talking about critical infrastructure, I'm talking about the infrastructure that literally runs the country. There's one of the most overused words in the English language, literally, but in this case, [00:02:00] it really does. We're talking about the infrastructure that controls our electric grid, the infrastructure that controls our telephones, our smart devices. Obviously the infrastructure that controls the internet, the infrastructure that controls our sewage systems, our water systems, the whole electric grid, all the way up to our houses. That is the major part of critical infrastructure. Obviously our roads are considered critical infrastructure and the bridges and, and all of the ways of maintaining them. That's all pretty darn critical because without those commerce comes to a slowdown, dramatic and maybe a grinding halt and people die. Think about what happens if a whole region loses power, which happened here, went back in Oh four, I guess, and I think that was the most recent time. It happened in a very big way in, [00:03:00] was it 86 up in Quebec? And the one in Quebec was because of a bit of solar activity and the one here, you know, I've seen attributed to a bunch of things. The most recent one was that. Our power outage was probably done because of a probe into our electric grid, looking to see if they could potentially hack it and it ended up tripping one of these sites, one of these major sites that are used for distributing electricity, and then that tripped another, tripped to another, tripped to another and before we know it, we had a major cascade failure. So all of that stuff is very, very critical. If, if you've been in a hospital, you know how much they eat electricity. Now, hospitals, of course, have generators for the most part, and that's an important thing for them to have, right? You want to be able to have power if the power [00:04:00] goes out. So, okay, I get that, and that's a very good thing. But at some point, if you don't have access to, let's say, the diesel to run the generators, or maybe they're natural gas generators and you can't run those. What ultimately can you trust if you're a hospital. Because if the whole region loses power, so let's say New England, we lost power in all of the new England states, including New York State, New York City, maybe New Jersey. So we're talking about a five-hour car ride in order to get beyond where this particular power outage occurred. That means even people that have generators are going to run out of fuel because they, the gas stations aren't going to work. Most of them don't have. Pumps. So the trucks can't really deliver it cause the gas station doesn't have electricity. They can't be on, they just don't know what's happening. So they're going to have to send trucks to New Jersey or someplace to try and pick up diesel. And if it's even broader to say we had another Carrington event, like what happened in the mid 18 hundreds where there was a major solar flare that knocked out everything in the country. Now back in the mid 18 hundreds that weren't such a big deal. Today it would be huge. So between those two, obviously having a more localized power failure is better. How about the sewage where it all backs up maybe into the streets? How about the water supply where we just can't get water. Because it shut down. So many of these devices are now part of our internet of things, and that's a real problem. So President Trump signed this executive order that prohibits operators of the United States power grid to buy and to install any electrical equipment that has been manufactured outside of the US they're even going so far as to provide funding and finances to remove some of this equipment from our electrical infrastructure. You probably already know that we are not allowing these Chinese firms to build our new five G infrastructure or any of the equipment that's in it either. Then here's the code from the order. I further find that unrestricted acquisition or use in the United States of the bulk power system, electric equipment designed, developed, manufactured, or supplied by persons owned by controlled by or subject to the jurisdiction or direction of foreign adversaries augments the ability of the foreign adversaries to create an exploit vulnerabilities in bulk power system, electric equipment with potentially catastrophic effect. I think he's right. We're seeing these power grids, water grids, et cetera, being attacked. And much of it's coming through the internet of things like keep warning people about, it's, it's really, it's just absolutely amazing. So let's go back. I went and checked in the news, cause I had heard about what had happened over in Israel. And this is May 7th okay, so this week, this is very, very recent. Israel is blaming the US for Iran causing a widespread cyberattack on Israeli water and sewage facilities during April. This was a report that came out from Fox News on Thursday, and according to the report, [00:08:00] Iran used American servers to hack into the facilities. A I've talked about this now for 20 years, and, this whole part of it just really bothers me. They used American servers. Most of the time when the bad guys are using American servers using American computers, what they've actually done is they have compromised a server. 20 years ago we were talking about how Al Qaeda was videotaping the beheading of Americans and distributing them worldwide using American servers. Isn't that amazing? It's shocking. It shouldn't be shocking anyways to all of us, but that's what they were doing. They were using servers that they had hijacked. Now here we are 20 years later and Iran is using these servers to attack. [00:09:00] We know that our servers here, our desktops are being used, they're being compromised and then use to do denial of service attacks. Many other types of attacks out there. So it looks like President Trump might have been a little bit ahead of the game here. I'm looking at, the article here that I'm seeing on the Jerusalem Post. Prime minister Benjamin Netanyahu addressed the issue at last year's cyber tech conference in Televiv saying that Iran is attacking Israel on a daily basis. We monitor it and prevent it every day. They are threatening and other ways. What is important is that every country can be attacked and each country needs a combination of defense and attack capabilities. Israel has such an ability. So think that through a little bit. I know here in the US we have the ability to attack back, no question about that. Now, I also found [00:10:00] online over at, Analytics India magazine online, and this is from a couple of weeks back, three weeks ago, cyberattacks on the critical infrastructure of India is a worrying trend. So let's see, we've got the US that we know has had the critic, our critical infrastructure tack. We know your Iran appears to be responsible for Israeli. Critical infrastructure attacks, and according to the prime minister, they're being attacked daily. We've got India, and here's another one. This is the Czech Republic. This is just a quick search that I did online to find out who's been attacked lately. And this is from April 20th so what about three weeks ago? Attempted cyber attacks against several hospitals and an airport in the Czech Republic show. The coronavirus pandemic has not slowed down the West digital adversaries. So the leaders over in the Czech Republic are saying that they were able to stop these attacks, but they're getting more highly sophisticated attacks all of the time. Czech's top cybersecurity agency has warned, expected imminent serious cyberattacks against us healthcare sector aimed at disabling computers and destroying data. So in many cases, it's ransomware. In fact, that's the number one threat right now against our businesses in the US, it's still ransomware. Can you believe it? It is still ransomware. We are still not protecting ourselves and our business. It just drives me nuts. And that's our, we'll do some more training about this in the next few weeks here. This is particularly problematic right now because we're, we are in the middle of a pandemic. We do have hospitals trying to treat patients and they are under attack and they are getting ransomware and some of these big ransomware bad guys out there. I've said, Oh, no, no, no, we're not. Going to, Hey, if we do take control accidentally of the hospital's computers, we're just going to release it right away. We're not going to hold them ransom, and yet they have been, so be very careful. Everybody, this is, this is not going away anytime soon. They are going to continue to attack us. So when we get back, let's talk about something fun here. Let's talk about what the James Dyson Foundation is doing for our kids. You're listening to Craig Peterson here on W G A N and online CraigPeterson.com/subscribe make sure you get my weekly newsletter so you keep on top of all of these new stories for the week, and I'll be on with Matt Wednesday at seven 30. Craig Peterson: Hey everybody, welcome back. Craig Peterson here on WGAN. I'm on every Saturday from one til three and I am so grateful you guys have joined me today and all of the people that have been signing up today from my newsletter, by the way, when you sign up, I've got. Three little special surprises that only don't even mention when you sign up. So we'll be getting those over the course of the next week or so. Some really great tip sheets, some tools that you can use in order to help make sure your home and your business is properly secured. And hopefully by now. they've started running my little features and those are going to be fantastic. I'm trying to generate a couple of weeks so we can put them up and keep them fresh. But it, it kinda goes into some details of, you know what you should do. So let me, I'm going to put one in here right now. Play one of these features. This one's on passwords. Just give an idea of what these are so you can kind of keep an eye, an ear out for them. I was going to say an eye, but it's obviously an ear. Have you ever heard the term poned? While you might have been poned? Hi, this is Craig Peterson here with a security blink about something known as powning. Poned means that your account has been the victim of a data breach. Your username and password have been stolen from a third party. Now there's an easy way to find out if your account login has been stolen. Troy hunt started and still maintained a website called have I been postponed? He's collected the records of almost 10 billion user accounts from the dark web. Think about that for a minute. If you have an online user account, the odds are that your account data is online, out in the dark web, and the bad guys are using the same information they're finding on the dark web to send you phishing emails recently that's included scareware emails that are threatening to release some information about you. If you don't pay a Bitcoin ransom to prove their point, they're including your email address and password they found online. I'm contacted by listeners every week because these emails truly are scary, but are best ignored. How do you find out if you've been a victim of a data breach? Although it's safe to assume that you have been, you can just go online to have I been poned.com. Troy will let you enter your email address and he will search his database to see if your account information has been stolen. So what should you do? Get one password. It's the best password manager I've ever found. Use it to automatically generate a new password for you. For every online account, you have. One password will also automatically check to see if your account is listed on have I been pwned. To find out more about pwned accounts and password management and to find out how best to use them. Visit Craig peterson.com/compromised. So that's what we're doing, putting them out. I think that sounds pretty good. I heard it sounds really good. I'm thinking of the future ones, I'm going to do it a little bit less scripted. It just sounds too highly produced. I don't know what you guys think. Let me know. Just email me@craigpeterson.com I love to get a little bit of feedback from you. Well, let's get into our friend here, James Dyson. Now, in case you don't know who this is, James Dyson, that's spelled D. Y. S. O. N. He's a British inventor, and you probably know him best via his vacuum, the Dyson vacuum. It's really kind of a cool thing. Definitely overkill, but this thing works on the principle of cyclonic separation. And they used some of the similar technology too that Dyson did in order to make some very cool bladeless of fans that you can get. I really liked these things. They're absolutely amazing. He has designed a whole bunch of things. I'm looking right now at his Wikipedia page, and of course, they've got a picture of his bagless Dyson vacuum cleaner, which is really what got him into most homes, most people to understand, but he has been very, very big in inventing things over the years. I like his air blade hand dryer, which you will see at many bathrooms, probably more of them as you go forward. It does use ultraviolet light in order to clean the air. It doesn't spray it all around. I do not like and I have never liked the air dryers and bathrooms. It makes the spread of germs inevitable. It is a very, very bad idea and yet. So many people just think it's fantastic, right? So much easier. We don't have, to use paper towels, which are frankly much better. They spread the disease a lot less. So the Dyson air blade is a very, very cool, hand dryers, kind of like a squeegee. Air to remove water rather than trying to just blow it all away or evaporated with heat very fast drying, a lot less energy and safer too for us in this COVID-19 day. Anyways, let's get into what he's done right now. He's trying to encourage kids to do a little bit of experimentation. He has this fantastic PDF that you can download by going to the James Dyson Foundation website that you can just search for online, James Dyson, DYSON foundation. Now a few, our parent, [00:06:00] grandparent, if you're homeschooling because there's no more school for the year, or you're homeschooling because it's just a great thing to do. You're gonna want to check this out. It would have been handy when my wife and I were homeschooling all of our kids as well, but he's got these challenge cards is what he's calling them, and there are a total of 22 science challenges and 22 engineering challenges. Yeah. It's just so cool. One of these, the first one reminds me of when I was a kid, cause I remember doing this in school and this is how to get an egg to fit into a bottle without breaking it. Now, back then when I was in school, of course, it was a milk bottle, but what they're doing is they want you to get a glass bottle that has a mouth that smaller than the egg. You're going to put that egg into a glass of vinegar and make sure it's completely covered. So within two days, that egg is going to be very rubbery. Do you remember doing this? You guys ever done this? Then you heat the bottle in hot water. Obviously make sure that you remember a taut, okay. Use a tea towel and your handle it, and then rest the egg on the neck of the bottle. You don't want to put it so the narrow end is down over the mouth of the bottle. Then as the Air inside cools down, it's going to contract. Right. Expand contract, right as you heat and cool. So. The bottle is going to contract a little bit. The air is going to contract a lot. And you're going to have a vacuum inside this bottle, so it's going to suck the egg inside. So cool. And then the card goes into some detail. How does it work? It talks about the protein and what kind of acid is in the vinegar and what ends up happening. It actually [00:08:00] changes the chemical compound of the egg, which is what makes it rubbery. They've got this underwater volcano thing, which is so cool. This is a colorful underwater volcano that you can make very simple, again, ping pong balls and making them float using a hairdryer. It talks about the Bernoulli Bernoulli effect, which is, you remember I first learned about when I was starting to work on these new hard drives that had just come out and how har, how the heads floated using. Bernoulli a fact, a balloon, kebabs. Can you put a skewer into a balloon without popping it? So they explain how that works, what to do, what not to do. Liquid densities, just a whole ton of them. A geodesic dome is their first engineering challenge. Let me see if I can pull that up on my screen because this is pretty cool to make. Make sure you grab this, send it to your kids, grandkids. Use it yourself. Measuring the speed of light weather balloon. How to make a paperclip float. Yeah. Surface tension. Right. Skipped, fire extinguisher, scared pepper, dancing raisins that so many cool things. A lava lamp. I've always thought those were the coolest things. Did you know that some of the best random number generators out there right now are actually using lava lamps? A whole bunch of them. The visible link and then the Geodesic dome is you're using these jelly sweets and cocktail sticks and putting them all together. And how is it done? Talks about Buckminster fuller. I just love this stuff. I don't know about you guys, but it's so simple. Marble runs the kids can make, and it's where marble is running down the outside of a box and how you guided spaghetti bridges. See, all of these are cheap, strong as this drinking [00:10:00] straw. Not the crappy paper ones, but a real drinking straw. Electric motors. Yeah. Anyhow, check it out online. Of course, there's a link to it as well @craigpeterson.com you can go there. You can see all of this week's articles, and if you are a subscriber to my email list. You will already have it in your mailbox, should have gone out to this morning. So double-check your email. If you did not get it, just send me an email to me@craigpeterson.com that's Peterson with an S O N.com and just ME. Right. Me, it's me and Craig peterson.com and I'll be glad to double-check as to why you didn't get it. Hopefully, I didn't get caught in a spam box somewhere cause we send out thousands of these things every week. And you never know if someone, if people don't open them, I don't know if he knew how this works, but if people don't open them, like on Gmail, Google mail, if they're not, people don't open them. They assume, Oh, nobody's interested in this. And so it gets a lower priority until all of a sudden Google thinks, Oh well. This must be spam because people aren't opening it. So make sure you open it and download any graphics that are in there. Cause that tells Google and everybody else that, Hey, you care about this email. If you turn off the remote images, which is what I normally do personally. but when I get a newsletter, I always make sure to turn it back on. so if you got the images, then Google or AOL or Hotmail or office who 65 whatever you're using will know that it is a good email. It's valid. All right. Stick around. When we get back, we're moving to be on we're going to talk a little bit about Microsoft teams and some phishing that's been going on. You're listening to Craig Peterson here on W G A N. Craig Peterson: Hello everybody. Welcome back. Craig Peterson here on WGAN online and craigpeterson.com. We've been covering a lot of stuff this show today. We just talked about these challenge cards and if you're interested, if you didn't get that URL, I'm going to give it to you again. I love these things are great for your kids, grandkids coming over for the day, whatever it might be. Go online and go to either look for James Dyson's foundation or just go to my website craigpeterson.com. You'll find it there under the radio show, but the James Dyson Foundation is who published these things they're absolutely phenomenal. We also talked about President Trump's executive order banning foreign electrical equipment from getting into our grid. Looks like they're trying to remove equipment that's already there. After the attacks that have been mounted all around the world against different [00:01:00] countries is no time to let your guard down. We've got Corona fraud in a very, very big way still, so we talked about some of that, what that's all about, and telecommuting in a post-COVID 19 world, what does that look like? How is that going to affect our businesses, our lives, our jobs, et cetera? So if you missed any of that, you can just go online to Craig peterson.com check the podcast and you can listen to it right there. I've also been trying to put them up over on YouTube and put them up on Facebook from time to time. I'm going to get better about that. I absolutely have to because we've got to get this message out to everybody, and if you have shared my newsletter with friends or some of these webinars I did. Two dozen over the course of a couple of weeks if you shared any of them. I just want to thank you guys so much for doing that. This is such an important thing for me to get the word out. That's what I've been trying to do for. Decades now because I got nailed as a small business owner by one of these pieces of nasty where there was out circulating at the time, and I really don't want it to happen to you or anybody else. And it really upsets me when I see some of these advertisers who are deceiving people. Just this week I broke down one of these ads I was hearing for VPNs. And every word they were saying was correct. But if you get into like the legal definition, if you're sworn in, it's the truth, the whole truth and nothing but the truth, right? It's not what it's supposed to be. What does that mean? Well, the truth, you know? Okay. So did you rob that store? No. Okay. That's the truth of the whole truth might be, no, I did not Rob that store, but I heard Jane robbed the store, or I know Jane robbed this store or that would be the whole truth. So they, they're talking about their VPN product. And they're talking about how it can keep your data away from prying eyes. Well, yeah, it's kind of true, but it also exposes you to even more prying eyes. You see what I'm talking about when I say not the whole truth. So that's why I've been doing all of these free little training and also been doing lots of stuff for some of the paid courses and training too, because we've got to help people understand, and that leads us to what we're going to talk about right now, which is Microsoft teams. And now Microsoft teams are not bad. It's software that you can get as part of your now called, [00:04:00] Microsoft three 65 subscriptions, which can be good, right? And teams are what you need in order to have collaborative work and to be able to do collaborative work. But just as a quick word of warning, the only collaboration system out there right now that has full-audibility and all of the features that are required by some of the more advanced regulations is WebEx teams. But anyways, on all of these fronts from the Microsoft teams through, you might be using Slack, which is another very popular one, and even WebEx, but we're seeing a whole lot of phishing emails, and there's a warning that just came out here this last week that. People, particularly people who are working in industries such as energy, retail, and hospitality. There are some hackers out there right now that are attacking people specifically pretending they are from Microsoft teams. So they're trying to steal the access credentials of employees who are working from home. And what we've been finding is that many of the people who are working from home right now are. You know, they're, they're not being supervised by the security people. They're using a home computer. It may or may not be up to date. It may or may not have reasonable security precautions on it. It can be a real problem. And when they are getting an email like this, if you ever get an email that looks like it's from Microsoft or looks like it from a vendor that you've been using. If you're in the office, you might lean over to somebody else and say, what do you think of this email? Do you think this is legitimate? Or you might report it to your people, your security people, et cetera. But we're finding with people working from home that they're not double-checking it. And so they're clicking on a [00:06:00] link. They think, Oh my gosh, I'm not using Microsoft teams properly, or I mess something up and there's something I have to do. I got to recover this. I got to figure this out. And in fact, what it is, is that the bad guys out there that are trying to hack you realize what it is that you're trying to do, which is get, just get my work done, right? Just get the software working. So they have been directing attacks to the people. That is a little bit more ignorant in some of these ways. All right. Now at this point, it looks like most of these attacks are not highly targeted. In other words, it's not spearphishing. So it goes right back to what I was talking about earlier. Those emails that we were getting from the Nigerian Prince, right? They are general. So they're unlikely to mention your username and Microsoft teams, even your company. They are just generic and they can be sent to anybody. And so the hackers have taken a list of different companies and what businesses they're in and have been trying to direct them to those businesses. Now, the URLs that are in these, oftentimes we're finding that they. Are using multiple levels of URL redirect, and the idea behind that is to throw off these malicious link detection tools that are out there and to hide the actual URL of the final domain that's being used to host the ultimate attack. Isn't this something. These people are doing. So I did some training here on using Cisco Umbrella, which is a product that we sell, but you can buy directly from Cisco. It is specifically designed to help prevent these types of attacks, and I think it's really important that everybody use that installs it right. Get the free version if that is what you need. If you're a business, you should talk with me because there are special business levels that are not offered on the umbrella website, but special business versions that allow a lot more tracking and a lot more granular control. But make sure you have this in place because even with the multiple redirects, the odds are high that Cisco umbrella is going to be able to attack that. All right. So one message is impersonating the notification that's received when a coworker is trying to connect with you or contact you via teams. The other one is claiming that the recipient has a file waiting for them on Microsoft teams, and the email footer even has legitimate links to. The Microsoft websites, you know, Microsoft teams, application downloads, et cetera. And in one of the attacks, these phishing emails containing a link to a document hosted on a site used by an email marketing company. So we have to be very, very careful. And especially now we're, we're working more at home. We are going to be continuing to work more at home, move most of us anyway, and we are using these collaboration tools and maybe you don't have access to your normal texts of people that you would text support people that you would have access to. So double-check all of that. Well, when we come back, we're going to talk about the biggest threat. To the small, medium enterprise space. You're a small business, your small office, your home office, what it is, what those numbers look like, and what you can do about it. And we will be back in just a couple of minutes here. This is Craig Peterson, you are listening to me on W G A N or online at Craig, Peterson.com stick around. We'll be right back. Hey, welcome back everybody. Craig Peterson here. So glad to have you guys. I really enjoy helping out and I love getting those emails you guys send to me. You're so kind. They're just on some of the compliments and some of your suggestions. It's just fantastic and you can reach me directly. By sending an email to me@craigpeterson.com now, I get a lot of emails, particularly lately, so if it takes me a little bit to get back to you, I apologize in advance, but we do try and get back to all of the people who reach out, but you know, that's not always possible. Just a matter of life, I guess, in this day and age. All right, so let's move on to our next topic for today, and that has to do with the biggest threat out there right now for the small business space. And I was looking at some numbers here during the break. I'm trying to [00:01:00] figure out, so, so what is. Going on. We, we've talked a lot about phishing. We talked about what was just happening here in some of the online space. Things you need to look out for and what, what we're really talking about here when we call talk about small business, the biggest threat is. Ransomware to realize that. How long has ransomware been along? Been around? Excuse me. How long has it been out there? How long has it been attacking us? We have some statistics out there. I'm looking at right now from health net security saying that 46% are small, medium businesses have been targeted by ransomware, and 73% have. Paid the ransom. Now, paying the ransom can be cheap. It can be expensive. It really depends. Of course, the FBI suggests you don't pay a ransom because of two reasons. One, it doesn't guarantee you'll get your data [00:02:00] back. In fact, half of the time when a Ransom's paid all of the data is not. Recovered. And the other reason is it shows the bad guys who will pay ransoms, which means, Hey, listen, guys, you guys are paying a ransom. Maybe we should go after you again because unfortunately, many of the businesses that have been hit by this stuff don't properly update. their security and those are the companies that ended up coming to me. Right? They should have come before the ransomware hit, not after the ransomware hit and not after they had a second problem. You know, if, if you've got somebody who's providing you with its services. And you have been, you know, ransomed. Don't go back to them to try and fix the problem. It's like, well, who was it Einstein that said that the same thinking that created a problem cannot solve the problem. And we've seen that again and again and again, but paying the ransoms. Here's what it costs right now. 43% of SMBs said they've paid between 10,000 and 50,000 to ransomware attackers. 13% said they were forced to pay more than $100,000 now, I can guarantee you any SMB out there, well, if you're like 500 employees. Huh? It's going to cost you more than a hundred thousand. But, uh, you know, if you are a company that has less than a hundred employees, it's not going to cost you more than that. Not even close to it, but paying the ransom doesn't guarantee anything. If you are a bigger company, we're seeing the average cost of one of these attacks being over a million dollars, because if you're trying to recover, you're trying to do the. Great. You got to notify all of your customers, your customers, find out that you've been hacked and that you had ransomware, you had the lost business while you were down. You [00:04:00] have a lost reputation after you get back. Okay. It's just absolutely amazing. Now. Businesses that are in the B to B space like mine, right? I'm, I'm a business to business. In other words, my services, my security services, the hardware, everything. We're selling to businesses. I really don't deal with consumers, although we've certainly helped a lot of consumers out there, listen to the radio show, but the businesses that are in the B2B space are. Saying that about 80% of them, this is self-evaluation. 80% of them are prepared for an attack to some degree or another. They've at least taken some preparatory steps. People, these businesses that are selling to individuals. In other words, B to C, business to consumer, it's about 20% less. All right? It's crazy. 28% of SMBs admitted that they do not have a plan to mitigate a ransomware attack. So it's very important to get all of this stuff together because the bad guys are coming after us. You've got to have a plan. You've got to prevent the attack. So what do you do? Since ransomware. It is right now really the top threat it gets in via phishing attacks. It gets in a lot of different means, but it's really a saran somewhere. That's the bottom line. I would suggest something here because I know you guys. It is so frustrating trying to do updates. It's even more frustrating when you install an update and it breaks something. Right. And frankly, the update thing comes up in the middle of doing something. You say, Oh, I'll do this later. So you put it off. Hopefully, you're running the pro version of Microsoft Windows, not the home version that doesn't let you do much of them put off. And then they'd remind you the next day, Oh, I gotta do this. I gotta remember to do [00:06:00] this. And then you delay it. And in my training, I talk about what the best delays are to use, depending on what kind of business you are, but you gotta kind of figure that out. What are the best delays, uh, between the time Microsoft tells you that you should do it and, and when you absolutely need to do it? So you're sitting there and saying, ah, last time I did this, I had problems and took me a day to recover and I lost all of that work and I don't really know what I'm doing right. I don't know if I should legitimately install it or not. Right? Have you guys had those questions? Yeah, I bet you have. Send me an email me@craigpeterson.com if you've ever had any of those types of questions go through your mind because I think it's normal. Those are the same questions that go through my mind, my team's mind. So what we end up doing, of course, is doing a bunch of online research, at least we understand a little bit about what needs to [00:07:00] be done and how to do that sort of evaluation, right? We're kind of security professionals, so I get it, right? You're sitting there wondering, what should I do? So because of that, let me tell you the secret. Cause it really is a secret. Obviously try and stay up to date. Obviously have windows defender turned on and UpToDate, as UpToDate as you can get it, but I mentioned it in the last segment and if you want more details, go back to the last segment. You can find that online@craigpeterson.com under my radio show. But listen to what I had to say there because probably the best thing you can do. It installs and uses Umbrella. Cisco umbrella is available for free. There are home versions, there are family versions, there are paid versions. They do not sell any of the, you know, the real business versions on their website, and you can always email me@craigpeterson.com if you have some questions about which one's best for you. But what we deal with typically is the enterprise versions. I'm even using the enterprise umbrella. That my company sells at my house, right. In order to protect everything appropriately. But what happens with ransomware is it has to call home. Usually, when malware gets onto your computer and it establishes a foothold, one of the first things that do is call home. So it calls home and says, okay, I've got this computer. What do you want me to do? And the more modern ransomware will give lists of the files that you have on your computer. He liked that. And so it asks, Hey, listen, the files on your computer are this, that, and the other thing. So a bad guy, I'll look at the names of the files on your computer, and if it's interesting, they'll get on your computer. They'll poke around a little bit. And that's why there's such a variant in how much the ransom is. Sometimes they'll demand multimillion-dollar ransoms for the data if they think that you might be worth it. If you are a town, for instance, you're a city like Atlanta. Look at this. They've been ransomed what, two or three times we know of. So the first thing it tries to do is call home. The first thing some of this phishing email does is try and get you to one of these sites where you can get the ransomware. Umbrella, Cisco Umbrella is designed to stop both. It's available for free. Install it. Now I have a course on it and I may be giving that course again. An absolutely free course. We'll see soon, so I'll make sure on my email list so you get it, Craig peterson.com/subscribe. Craig Peterson: Hey, welcome back everybody. Craig Peterson here. Hard to believe the time is almost up, but you know, because that's the way that

covid-19 united states tv american new york amazon netflix california new york city israel english google donald trump kids science coronavirus washington pandemic england news americans british west corona chinese spanish microsoft new jersey illinois viruses fbi bitcoin normal iran states businesses engineering new england seo air scams wikipedia hacks paid fox news prime b2b israelis electric albert einstein new hampshire irs depending excuse expand nigerians measuring slack peterson bureau wordpress decades post covid talks northeast quebec surface wuhan cisco internet of things gmail czech republic new york state liquid johns hopkins university executive orders czech ransom benjamin netanyahu flu sars al qaeda barely aol frankly ransomware vpn umbrella johns hopkins dyson fiverr install phishing upwork recovered smb microsoft teams tech talk marble smbs pumps w2 urls carrington n95 customize uptodate vpns query microsoft windows webex john hopkins jerusalem post skipped john hopkins university hotmail ammar electric grid telecommuting james dyson nigerian prince bernoulli mechanical turk infragard poned geodesic lauren gardner amazon mechanical turk buckminster craig peterson cisco umbrella huh it wgan right have

S7|E15 East/West – North/South: Under the Cisco Umbrella and BlueCat’s DNS Edge Technology

Cisco Champion Radio

Play Episode Listen Later Apr 22, 2020 26:36

Listen to Cisco’s Chris Riviere and BlueCat’s Brian Shorland describe Cisco’s Umbrella and BlueCat’s DNS Edge technology synergistic partnership. The discussion includes how Cisco’s Umbrella and BlueCat’s DNS Edge technology products integrate and enable functionality such as DNS profiling and mining of network information, like phishing emails, adult content, malicious infrastructure, etc., using DNS to add extra layers of security, and more! Cisco Champion hosts Jody Lemoine (https://twitter.com/ghostinthenet), Tish Co, Network Architect David Penaloza (https://twitter.com/davidsamuelps), Verizon Enterprise Solutions, Lead Network Consulting Engineer Guests Chris Riviere (https://twitter.com/rivimont), Cisco, Technical Solutions Engineer Brian Shorland, BlueCat, Director, Product Management Moderator Lauren Friedman (https://twitter.com/lauren), Technical Influencer Marketing and Cisco Champions Program

director technology cisco umbrella dns east west north south bluecat cisco umbrella west north verizon enterprise solutions technical influencer marketing

S7|E15 East/West – North/South: Under the Cisco Umbrella and BlueCat’s DNS Edge Technology

Cisco Champion Radio

Play Episode Listen Later Apr 22, 2020 26:36

director technology cisco umbrella dns east west north south bluecat cisco umbrella west north verizon enterprise solutions technical influencer marketing

Ep. 50 How Ingram Micro and Cisco are Enabling Remote Workers

Play Episode Listen Later Apr 17, 2020 17:29 Transcription Available

Although activity on Cisco Webex has seen a major uptick, Ingram Micro partners can still count on the online meeting platform to reliably connect remote teams working from home. In this episode of B2B Tech Talk, Keri speaks with Systems Engineer Jeff Barnhart (Cisco) and Sr. Channel Account Specialist Collin Rauen (Ingram Micro) about how Cisco and Ingram Micro are handling increased activity from remote teams. They discuss: Keeping security measures up to date when working remotely How Cisco is specifically serving the healthcare and education communities Free offers to help businesses enable their remote workforces Financing offers through Cisco and Ingram Micro For more information on Cisco resources, check out Cisco offers + solutions, Cisco Webex, and Cisco Umbrella. For more information on Ingram Micro resources, check out Ingram Micro financing programs and Express Warehousing. To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk Sponsored by Cisco and Ingram Micro Financial Solutions Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.

spotify finance security cloud stitcher sr financing cisco enabling umbrella remote workers webex ingram micro cisco webex cisco umbrella b2b tech talk

Ep 28 - Secure Internet Gateway

Conf T with your SE

Play Episode Listen Later Mar 11, 2020 38:25

On this episode of Conf T, we being back special guest Shaun Furey to discuss the latest additions to the Cisco Umbrella product stack to keep your users safe and policies enforced. Links: Cisco's COVID-19 Response and Offerings: https://blogs.cisco.com/security/cisco-expands-free-security-offerings-to-help-with-rise-in-remote-workers Umbrella Packages Overview: https://umbrella.cisco.com/products/packages Getting started with SIG: https://docs.umbrella.com/umbrella-user-guide/docs/getting-started AV-Test Results: https://umbrella.cisco.com/blog/2020/02/18/av-test-places-cisco-umbrella-first-in-security-efficacy/ Shaun Furey LinkedIn: https://www.linkedin.com/in/shaunfurey

internet cloud secure gateway offerings proxy firewalls sig cisco umbrella

S2E05: Home (in)Security, part 2

Technically Religious

Play Episode Listen Later Feb 4, 2020 15:59

Last year we started to dig into the idea of what it’s like to be an IT professional with a strong religious, ethical, or moral point of view, who is also a parent. In that episode we discussed some of the concerns we have with technology, and how we get around those concerns. But like most topics in tech, there is a lot more to say. So today we’re revisiting this topic to extend and deepen the information we shared. In this podcast, Leon Adato, Keith Townsend, Al Rasheed, and Destiny Bertucci about parenting with a bible in one hand and a packet sniffer in the other. Listen or read the transcript for part 2, below. Leon: 00:06 Wlcome to our podcast where we talk about the interesting, frustrating and inspiring experiences we have as people with strongly held religious views working in corporate IT. We're not here to preach or teach you our religion. We're here to explore ways we make our career as IT professionals mesh or at least not conflict with our religious life. This is Technically Religious.Leon: 00:53 This is a continuation of the discussion we started last week. Thank you for coming back to join our conversation.Leon: 00:59 Okay, so I'll, I'll run down, uh, my setup, I'm using what, what I officially call pro-sumer. It's not really consumer. It's, it's in between professional and consumer equipment. Qustodio uh, sorry, Ubiquity, uh, network year, which, um, the, the security gateway that they provide, which you don't have to buy if you don't want to, you can actually run it - okay. really geeky - on a container. You can run it in a container or you can run it on a raspberry pi. Uh, that's what I'm doing. Or you can run it in a virtual machine or you can buy the security key and put it on your network. And that gives you actually NetFlow data. So you can not only tell how much bandwidth you're using, but you can tell by, uh, by source and destination. And so you can tell which device was accessing which targets at any given moment and see a breakdown, and see a breakdown by categories. You can see how much social media traffic, how much video, you know, YouTube or Netflix or Hulu traffic, et cetera. So that lets me see that. Um, it has allows me to create multiple networks so I can segregate my IOT devices. Again, Destiny, going back to the whole Ring and Wise camera thing, I can put those on a completely separate network, which doesn't fix the problems we were talking about, about them being hacked. But it does allow me to lock down those devices a lot more than I would my cell phones or the tablets in the house. I can have separate, you know, lockdowns and controls. Um, and unless you create filters, uh, whether they are access control lists or other kinds of filtering that you can do. Uh, I also have Qustodio on every device in the house. So every Tuesday.Destiny: 02:44 I used to use that.Leon: 02:44 Well you're the one that told me about it. Uh, so that's the one I'm using. Yeah. Qustodio on every cell phone, every tablet, every laptop. It even runs on Linux. Yay Linux! So I run that on everything. And that allows you to have per-user controls. It also lets you have really granular settings. Like I can say that my son is able to watch YouTube videos from 6:00 PM to 8:00 PM on Monday, Tuesday, Wednesday. And that's it. But he can watch, you know, Netflix or Hulu at different times. And the overall device usage is up to four hours a day and after four hours it shuts down. And you know, on Saturdays there's absolutely no usage until after sundown because obviously he shouldn't be using it. But Keith, to your point, temptation is temptation. You never know. So it lets you have really granular controls about the who, the what and the where that devices and that follows my kids everywhere they go that use the device. So it doesn't matter if they're inside my house or outside my house. Qustodio goes with them. And it does give you some other really nice benefits, like Destiny you told me about, uh, your daughter was in, uh, an accident and you knew immediately she couldn't tell you where she was, but her phone was able to tell you where it was and you were able to get there really quickly because you know, your daughter who was already sort of in crisis and not able to process the information, wasn't able to give over that information. So it has a lot of,Destiny: 04:16 Yeah, I got an alert immediately that something had happened and I had a kid see her GPS location, knew everything that was going on and I was already on my way to get her before she even found her phone.Leon: 04:27 So yeah, it's really, really good stuff. So Qustodio goes on every device. Ubiquity is the network gear. I have a little app called pi-hole, which will, uh, run on a Linux machine or you can run it again on a raspberry pi. It was meant for raspberry pi, hence the name pie hole. And what that does, it's, it's security, but it's also almost an internet speed up. It filters out, uh, spam ads that come into your house. They just never come into your house. The pie hole captures them. So you'll see a page and there's gonna be three ads you can see. And two, you can't because the two, you can't were span ads. So that speeds up the webpage. But it also means that there's a whole bunch of garbage that me and my kids are not even seeing. And that's on a element by element basis on every website.Destiny: 05:16 Which also protects you from the cyber attack. So...Leon: 05:19 okay, there you go. And, and finally, uh, OpenDNS or a Cisco Umbrella, depending what you would call it. And the benefit of Cisco umbrella. It's not just that it's a DNS protector, it's crowdsourced everybody who's using it. Every corporation, when, when the Umbrella system sees a bunch of attacks coming in from a particular IP address, Umbrella blacklists, it automatically, and nobody who is using Umbrella can get to that site. So if an enterprise is suddenly seeing a new cyber attack, you're not going to even get it because that IP address, that destination is automatically puts, you know, black holed, so you're never going to get there. So...Destiny: 06:01 And the cool thing about that, if you remember right when I was talking about this in Australia was the main thing that I loved about Cisco Umbrella is like SD-Wan, especially like the way that they're running their network and the way that they're testing and getting things done. Like you were saying on the blacklist and everything, you are getting that enterprise level new technology and new hacks that are coming to SD-Wan that you are getting prevented from as well.Leon: 06:25 And I will say that for the basic level it's free.Destiny: 06:28 Yup. And then you can get, you know, a little crazy with it, with your little cloud access, security blockers and everything.Leon: 06:33 I will say for those people who are interested in it, um, and again, you know, thinking about the Orthodox Jewish community which tends to go with whitelist only. So I can't get to any site that I haven't purposely white listed that, um, you're only, you can only have a certain number of white list items before you have to pay for it. But anyway, that's my setup. Um, what does everyone else have?Al: 06:52 I actually have something similar to what you just described. I'm just getting into Ubiquity, so I'm curious to learn more about it. Everybody speaks very highly of their products and their services, but I want to filter the content that's coming in or trying to go out. I want to be able to see what, uh, is being viewed online. And this way this can provide me with something to go back to whoever the guilty party is and say, look, this is why I'm here. This is why we implement this and this is why we're going to prevent it moving forward.Destiny: 07:23 So some of the things that I've also implemented, because obviously you know the Qustodio and everything in which that that I've set up before, but I've helped a lot of people use the Mobisip as well. But it also depends on what devices you like. Right? Like like if you have Kindles versus you know, iOS updates or if you have Android versus... There's different things that you can grab. But mobi, sip is one of the ones that I like for like a Windows / Apple kind of a household that you have. And I like setting that up, especially for teenagers because they can request like when they're like trying to do homework, like for health and it has to do with sex or something like that, it'll automatically go to my phone and I can look at the link, bring it up, see if I approve it and approve it from my phone. And it automatically allows them to start engaging with that content. So it's not like, you know something that's not very like quick, if that makes sense. Cause if they're in school using their laptop, cause here they get to use their own laptop or iPads or Kindles or things like that at school then it's something that I can easily like switch on and off. So much so to where even the school now is trying to implement that on their tablets because they were like "how did you do that?" But um, same thing is another product is Net Nanny. I don't know if you guys have heard of that, but net nanny as well. Those are some of the things that I've helped a lot of families set up on with those. A NetGear, they also have NetGear Armor. So here around in New Mexico, a lot of the free wear of which they give people. So a lot of the times, you know a lot of the people that are going to be on the internet will have NetGear. Right? It's usually a Nighthawk in this area and like you can get extenders and things of that nature. But it comes with something called NetArmor that can help you visually like be able to, to track and to do things and to block things at the actual router itself. Something that I do like about that product in the way that they have it set up though is that it's very user driven, if that makes sense. So like if you are new to it, as we were talking about earlier, protect your networks. It'll say "guest network: enable or not?", You just click the box and it'll disable it, right? So disabled that guest network if you're not using it and it'll ha so you can set up reminders, you can do dynamic QoS, like you can block people, you can do scheduling when you can shut down your network, shut it down per device, you know, things like that. But it's very user, um, uh, has a lot of user accessibility to it that I like because it's one of those things where if you're new to it and you're going to be given a router and you're going to be giving everything out of the box and "Here, welcome to the internet." Right? It's very step-by-step on how do I protect myself. And that's something that they've actually started doing in the past six months when they engage that NetArmor. So I think that NetGear is coming around and understanding that Hey there's people out there that don't know what they're doing per se to secure themselves in their home network. So let's see if we could make it wizard driven. Right? Cause anytime it's wizard driven it's fun. So those are some of the things and it comes with the device, right? So I think that it's one of those things that if you are listening and you have NetGear or if you have something that your provider, your ISP has given you to connect to the internet, make the phone call the tech support. Right? Like ask them "What's my username and password ?"if you don't already know it. Cause I know several people who have no idea and ask them, what did you set this up for? How do I log in? Okay cool. Let me turn off my guest network. Let me change my password, let me see what I have going on here. And they will walk you through those, but you can also Google it and figure it out just as much. But you, you have to be the proactive one to protect your fort, right? Like you have to want to protect yourself, which means you're going to have to understand and use the GUI, use the actual website, like dial into it, see what it's doing, look at those logs, set up your alerts, update it, right? Like set it to automatic updates so you get those security updates. So just so that you're implementing that basic cyber hygiene.Leon: 11:28 Right. And there's a few other points of, of that basic cyber hygiene I think that are worth talking about. Um, Al, you hinted at it earlier, but I want to hit it again. Uh, password managers: Period. End of sentence. Whether regardless of what device, regardless of what environment we're talking about, use a password manager for two reasons. First of all, that way you don't have to have everything set to the same password because your password manager will remember it. And two, closely to related. It will generate strong, secure passwords that you don't have to remember. And it will automatically input those passwords into all of your apps. And that is the number one attack vector for people who are trying to get your information is they'll just, you know... When you see in the news, Oh, there was a Amazon S3 bucket that had 2 million usernames and password hashes that were in there. What that means is they now have a library of 2 million people and their password that they say, "Oh, this person uses this password. They probably use it in a few places. Let me try it against this site, this site, this site." And suddenly they have their bank or they have your Facebook or they have your Instagram. And from there they can get into your this and your that and your other thing. And that's how people build an a, you know, an attack against a particular individual. And by the way, these things can all be automated. I think sometimes we think of hackers as "Well, who's really gonna worry about little old me." Nobody's going to worry about little old you. There's a bot for that. There's a, there's a machine that is automatically walking through those 2 million accounts and just running a whole set of predefined processes. And when it finally gets a hit and goes through every other possibility, it sends a report back to somebody and then they start digging.Al: 13:12 Right. And if I could add to it, a lot of people underestimate two factor authentication. It literally takes two minutes to set up and it saves you hours upon hours moving forward.Leon: 13:24 Yes. Everything. They can have two factor authentication, turn it on.Destiny: 13:29 And here's the thing, you have more information and this is statistically shown on your phone than you do in your home. Think about that. Used to, we used to keep files or mortgages or information or bank accounts or statements and everything in our house. You're all accessible from your phone and an application or a website. So if you have stored passwords, things like that and you're not changing them, you're kind of at a disadvantage anyway. And some of the things that me and you have talked about, Leon, especially, ESPECIALLY at conferences, is securing your line, encrypt your phone. I was like, we literally... me in Leon. We're in a conversation one day when the lady was like, "Oh, I don't care if they get my phone, who cares?" I was like, "Oh, I don't know. But if you pay attention over there, they're like literally going through everybody's photos and putting them on display because they can. And they're displaying your bank account that's overdrawn. So I don't know what to tell you right now. Feel like you should probably secure that." And it's those little things like, I mean, I use Avast Secure Line. I mean, it's like cheap for a year to use it. I can constantly connect it and it's encrypted the whole time. It constantly keeps me protected. My kids are that way as well because they're going to school and I'm sorry, but their school does not even have an IT person and like they're in an open network. I'm like, "no." This just isn't gonna work for me. So I, but it's one of those things where it's like you teach them to protect themselves and now they do it on their own. Like my kids will tell you if they see something that doesn't make sense, right? Cause you see something, you say something. And like if they get sent something from their teachers or like, cause now they're using third party applications are using Google drives, they're using all this stuff and people are sharing passwords and my daughter's like "you really shouldn't do that." Well then they found out that one of their friends got all their homework deleted, right? Like it's like they're seeing it in their daily transactions of school to where they are more ahead of changing passwords, not giving your information. Make sure you have more than a four digit code on your phone because they're have friends who break into them like they are figuring out the cyber waters way faster than most parents are right now. And that's, that's okay. But if you have that open forum or if you're having those conversations, you can actually help each other.Roddie: 15:47 Thank you for making time for us this week to hear more of technically religious visit our website at http://technicallyreligious.com where you can find our other episodes. Leave us ideas for future discussions or connect with us on social media.

netflix australia google ring security android wise hulu period new mexico ios ipads gps ip kindle iot cisco linux umbrella dns isp orthodox jewish nighthawk ubiquity sd wan netgear amazon s3 right it qos opendns right like roddie keith townsend qustodio cisco umbrella right cause net nanny windows apple

A Brief History Of Cisco

The History of Computing

Play Episode Listen Later Jan 30, 2020 18:19

The History Of Cisco Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us to innovate (and sometimes cope with) the future! Today we're going to talk about the history of Cisco. They have defined the routing and switching world for decades. Practically since the beginning of the modern era. They've bought companies, they've grown and shrunk and grown again. And their story feels similar in many ways to the organizations that came out of the tail end of the grants tossed around by DARPA. These companies harnessed the incredibly innovative ideas and technology to found the companies who commercialized all of that amazing research and changed the world. These companies ushered in a globally connected network, almost instantaneously transmitting thoughts and hopes and dreams and failures and atrocities. They made money. Massive, massive truckloads of money. But they changed the world for the better. Hopefully in an irrevocable kind of way. The Cisco story is interesting because it symbolizes a time when we were moving from the beginnings of the Internet. Stanford had been involved in ARPAnet since the late 60s but Vint Cerf and Bob Kahn had been advancing TCP and IP in the 70s, establishing IPv4 in 1983. And inspired by ALOHAnet, Bob Metcaffe and the team at Xerox PARC had developed Ethernet in 74. And the computer science research community had embraced these, with the use of Email and time sharing spurring more and more computers to be connected to the Internet. Raw research being done out of curiosity and to make the world a better place. The number of devices connected to the growing network was increasing. And Stanford was right in the center of it. Silicon Valley founders just keep coming out of Stanford but this one, they were professors, and early on. They invented the multi-protocol router and finance the startup with their own personal credit cards. Leonard Bosack and Sandy K. Lerner are credited for starting Cisco, but the company rose out of projects to network computers on the Stanford campus. The project got started after Xerox PARC donated some Alto workstations and Ethernet boards they didn't need anymore in 1980, shortly after Metcaffe left Xerox to start 3COM. And by then Cerf was off to MCI to help spur development of the backbones faster. And NSFnet came along in 1981, bringing even more teams from universities and private companies into the fold. The Director of Computer Facilities, Ralph Gorin, needed to be able to get longer network cables to get even more devices connected. He got what would amount to a switch today. The team was informal. They used a mother board from Andy Bechtolsheim, later the founder of Sun Microsystems. They borrow boards from other people. Bosack himself, who had been an ARPAnet contributor, donated a board. And amongst the most important was the software, which William Yeager wrote, which had a little routing program that connected medical center computers to the computer science department computers and could use the Parc Universal Packet (PUP), XNS, IP and CHAOSNet.. The network linked any types of computers, from Xerox Altos to mainframes using a number of protocols, including the most important for the future, IP, or the Internet Protocol. They called it the Blue Box. And given the number of computers that were at Stanford, various departments around campus started asking for them, as did other universities. There were 5,000 computers connected at Stanford by the time they were done. Seeing a potential business here, Bosack, then running the computers for the Computer Science department, and Lerner, then the Director of Computer Facilities for the Graduate School of Business, founded Cisco Systems in 1984, short for San Francisco, and used an image of the Golden Gate Bridge a their logo. You can see the same pattern unfold all over. When people from MIT built something cool, it was all good. Until someone decided to monetize it. Same with chip makers and others. By 1985, Stanford formally started a new project to link all the computers they could on the campus. Yeager gave the source to Bosack and Kirk Lougheed so they could strip out everything but the Internet Protocol and beef that up. I guess Yeager saw routers as commercially viable and he asked the university if he could sell the Blue Box. They said no. But Bosack and Lougheed were plowing ahead, using Stanford time and resources. But Bosack and Lerner hadn't asked and they were building these routers in their home and it was basically the same thing as the Blue Box, including the software. Most of the people at Stanford thought they were crazy. They kept adding more code and logic and the devices kept getting better. By 1986, Bosack's supervisor Les Earnest caught wind and started to investigate. He went to the dean and Bosack was given an ultimatum, it was go the wacky Cisco thing or stay at Stanford. Bosack quit to try to build Cisco into a company. Lougheed ran into something similar and quit as well. Lerner had already left but Greg Satz and Richard Troiano left as well, bringing them up to 5 people. Yeager was not one of them, even though he'd worked a lot on the software, including on nights and weekends. But everyone was learning and when it was to benefit the university, it was fine. But then when things went commercial, Stanford got the lawyers involved. Yeager looked at the code and still saw some of his in there. I'm sure the Cisco team considered that technical debt. Cisco launched the Advanced Gateway Server (AGS) router in 1986, two years after the Mac was released. The software was initially written by Yeager but improved by Bosack and Lougheed, as the operating system, later called Cisco IOS. Stanford thought about filing a criminal complaint of theft but realized it would be hard to prosecute, and ugly especially given that Stanford itself is a non-profit. They had $200,000 in contracts and couldn't really be paying all this attention to lawsuits and not building the foundations of the emerging Internet. So instead they all agreed to license the software and the imprint of the physical boards being used (known as photomasks), to the fledgling Cisco Systems in 1987. This was crucial as now Cisco could go to market with products without the fear of law suits. Stanford got discounts on future products, $19,300 up front, and $150,000 in royalties. No one knew what Cisco would become so it was considered a fair settlement at the time. Yeager, being a mensch and all, split his 80% of the royalties between the team. He would go on to give us IMAP and Kermit, before moving to Sun Microsystems. Speaking of Sun, there was bad blood between Cisco and Stanford, which I always considered ironic given that a similar thing happened when Sun was founded in some part, using Stanford intellectual property and unused hardware back in 1982. I think the difference is trying to hide things and being effusive with the credit for code and inventions. But as sales increased, Lougheed continued to improve the code and the company hired Bill Graves to be CEO in 1987 who was replaced with John Mordridge in 1988. And the sales continued to skyrocket. Cisco went public in 1990 when they were valued at $224 million. Lerner was fired later that year and Bosack decided to join her. And as is so often the case after a company goes public, the founders who had a vision of monetizing great research, were no longer at the startup. Seeing a need for more switching, Cisco acquired a number of companies including Grand Junction and Crescendo Communications which formed like Voltron to become the Cisco Catalyst, arguably the most prolific switching line in computing. Seeing the success of Cisco and the needs of the market, a number of others started building routers and firewalls. The ocean was getting redder. John Mays had the idea to build a device that would be called the PIX in 1994 and Branley Coile in Athens, Georgia programmed it to become a PBX running on IP. We were running out of IP addresses because at the time, organizations used public IPs. But NAT was about to become a thing and RFC 1918 was being reviewed by the IETF. They brought in Johnson Wu and shipped a device that could run NAT that year, ushering in the era of the Local Area Network. John T. Chambers replaced Mordridge in 1995 and led Cisco as its CEO until 2015. Cisco quickly acquired the company and the Cisco PIX would become the standard firewall used in organizations looking to get their computers on the Internets. The PIX would sell and make Cisco all the monies until it was replaced by the Cisco ASA in 2008. In 1996, Cisco's revenues hit $5.4 billion, making it one of Silicon Valley's biggest success stories. By 1998 they were up to $6B. Their stock peaked in 2000. By the end of the dot-com bubble in the year 2000, Cisco had a more than $500 billion market capitalization. They were building an industry. The CCNA, or Cisco Certified Network Associate, and CCNE, Cisco Certified Network Engineer were the hottest certifications on the market. When I got mine it was much easier than it is today. The market started to fragment after that. Juniper came out strong in 1999 and led a host of competitors that landed in niche markets and expanded into core markets. But the ASA combined Cisco's IPS, VPN concentration, and NAT functionality into one simpler box that actually came with a decent GUI. The GUI seemed like sacrilege at the time. And instead of sitting on top of a network operating system, it ran on Linux. At the top end they could handle 10 million connections, important once devices established and maintained so many connections to various services. And you could bolt on antivirus and other features that were becoming increasingly necessary at various layers of connectivity at the time. They went down-market for routing devices with an acquisition of Linksys in 2003. They acquired Webex in 2007 for over $3 billion dollars and that became the standard in video conferencing until a solid competitor called Zoom emerged recently. They acquired SourceFire in 2013 for $2.7B and have taken the various services offered there to develop Cisco products, such as the anti-virus to be a client-side malware scanning tool called Cisco AMP. Juniper gave away free training unlike the Cisco training that cost thousands of dollars and Alcatel-Lucent, Linksys, Palo Alto Networks, Fortinet, SonicWall, Barracuda, CheckPoint, and rising giant Huawei led to a death by a thousand competitors and Cisco's first true layoffs by 2011. Cisco acquired OpenDNS in 2015 to establish a core part of what's now known as Cisco Umbrella. This gives organizations insight into what's happening on increasingly geographically distributed devices; especially mobile devices due to a close partnership with Apple. And they acquired Broadsoft in 2017 to get access to even more sellers and technology in the cloud communication space. Why? Because while they continue to pump out appliances for IP connectivity, they just probably can't command a higher market share due to the market dynamics. Every vendor they acquire in that space will spawn two or more new serious competitors. Reaching into other spaces provides a more diverse product portfolio and gives their sellers more SKUs in the quiver to make quotas. And pushes the world forward with newer concepts, like fog computing. Today, Cisco is still based in San Jose and makes around $50 billion a year in revenue and boasts close to 75,000 employees. A lot has happened since those early days. Cisco is one of the most innovative and operationally masterful companies on the planet. Mature companies can have the occasional bumps in the road and will go through peaks and valleys. But their revenues are a reflection of their market leadership, sitting around 50 billion dollars. Yes, most of their true innovation comes from acquisitions today. However, the insights on whom to buy and how to combine technologies, and how to get teams to work well with one another. That's a crazy level of operational efficiency. There's a chance that the Internet explosion could have happened without Cisco effectively taking the mantle in a weird kind of way from BBN for selling and supporting routing during the storm when it came. There's also a chance that without a supply chain of routing appliances to help connect the world that the whole thing might have tumbled down. So consider this: technological determinism. If it hadn't of been Cisco, would someone else have stepped up to get us to the period of the dot com bubble? Maybe. And since they made so much money off the whole thing I've heard that Cisco doesn't deserve our thanks for the part they played. But they do. Without their training and appliances and then intrusion prevention, we might not be where we are today. So thank you Cisco for teaching me everything I know about OSI models and layers and all that. And you know… helping the Internet become ubiquitous and all. And thank you, listener, for tuning in to yet another episode of the history of computing podcast. We are so very lucky to have you. Have a great day!

ceo director history business apple internet san francisco speaking zoom mit sun silicon valley massive mac stanford reaching raw ip athens san jose computer science mature cisco alto chambers huawei brief history linux graduate schools vpn kermit practically ips checkpoint voltron xerox darpa lerner pix golden gate bridge 7b cisco systems 6b yeager barracuda ethernet webex cerf sun microsystems skus osi palo alto networks fortinet grand junction mci tcp rfc blue box john t arpanet ipv4 bbn linksys vint cerf xerox parc imap ietf pbx sonicwall ccna alcatel lucent opendns internet protocol lougheed john mays ccne cisco umbrella cisco ios sourcefire bob kahn cisco asa andy bechtolsheim

Episode 18: Cyber Security from the Cisco point of view

TechSperience

Play Episode Listen Later Oct 15, 2019 41:49

TechSperience episode 18 picks up at week 3 of our National Cyber Security Awareness Month series where our host, Penny Conway talks with David Booth, Technical Sales Executive for Cisco Solutions Architecture and Marsilda Bialczak Cisco Product Development Specialist. Our guests are joined by our TSG Cyber Security Solutions Team Steve Nardone, Rob Di Girolamo and Bill Virtue. Discussions include: Demystifying the Cisco Meraki partnership, Cisco Umbrella, Cisco's collaboration with Duo and the importance of zero-trust security inside and outside the corporate network as well as a multitude of other security solutions as we uncover the need for multiple solutions within the security ecosystem. You can read the transcript of this episode here.

cybersecurity cisco demystifying duo point of view david booth national cybersecurity awareness month cisco meraki cisco umbrella

Ep 10: Protecting the Edge

Conf T with your SE

Play Episode Listen Later May 22, 2019 40:53

On this episode, Bryan and Joe speak with special guest Shaun Furey about Cisco Umbrella, Cisco's DNS-based web security and content filtering solution. They discuss the importance of protecting the edge as well as how easy it is to deploy Umbrella, it's key features, and new and upcoming features. Cisco IT on Cisco Umbrella - http://cs.co/9008EYLnm Cisco Umbrella Blog - http://cs.co/9004EYLX0 Cisco Umbrella Status Page - http://cs.co/9001EYLkl

security protecting cisco umbrella dns opendns cisco umbrella

Best Malware Advice - What's My Mario Brothers' Worth - Spam Phone Calls: AS HEARD ON WGAN

Continuum Podcast Network

Play Episode Listen Later Feb 20, 2019 16:08

Craig joins Ken and Matt as he does every Wednesday morning. They talked about robocalls and the Super Mario Brothers video game that sells for $100,000. Craig also shared with Ken and Matt his best malware advice. These and more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Robocalls And Phone Scams Are All The Rage In 2019 Unopened Copy Of Super Mario Bros Video Game Sells For Record $100k --- Transcript: Below is a rush transcript of this segment, it might contain errors. Airing date: 02/20/2019 Best Malware Advice - What's My Mario Brothers' Worth - Spam Phone Calls Craig Peterson 0:00 Hey everybody, bOy getting busy this week, I'm putting together all of the content for our course. And this is really exciting. This is, I'm so excited because this is gonna be the best course ever. Anyways, so everybody who signed up for this welcome aboard. Glad to have you here this morning I spoke with Mr. Ken and Matt we went over the this whole problem that we're having with frankly, these robocalls that are coming in. The spam calls the junk calls, what does it mean? What can we do about it? So we talked about that this morning. We also talked about our friends over at Nintendo here and is your game your Super Mario Brothers game worth $100,000 or more? A kind of an interesting question right. If you have one of those sitting around in your in your attic or your basement also I did some tech support help this morning for Ken which is kind of interesting because it ties in exactly with the course I'm doing right now but if you want little tech support help and want to know how to use secure your machines what's the best browsers and stop did that this morning with Ken as well. So here we go with Ken and Matt. Happy Wednesday. Unknown 1:27 Back again and Craig Peterson is with us now as he always is Wednesdays at this time 7:38 on Wednesday Wednesday Wednesday. Craig, how are you this morning sir? Unknown 1:37 I am I am I'm doing pretty well this morning. It's been a busy week and now almost winter again. Unknown 1:45 Before, I have a question to ask you because I you know I was using Firefox and I started using Chrome and I opened this link and all these you know Orbits drops. It says, don't you want to buy an airplane ticket? Unknown 2:01 Your PC may be infected right now. Unknown 2:05 So what is the spyware clean your computer program to put on, Unknown 2:12 or we learned a lot from Wreck It Ralph. And Ralph breaks the internet. And I don't know if you've seen that movie. You Unknown 2:19 know, Unknown 2:24 the problem is, there's a little green guys running around trying to get you to click on things. So I think you're real question is, how do I stop those little green guys? Right? Yeah. Okay. Okay. How Unknown 2:36 do I do my computer? How do I get rid of them? Do I get pest modern pest services? Unknown 2:43 Yeah, that's kind of what you have to do. The pop up stuff is fairly easy to stop. Famous last words and what you do what I always do, and I do this in, in Firefox, which is a little better I should Unknown 2:56 go back to Firefox. I don't know why my daughter told me to use Chrome stopping and going back to Yeah, Unknown 3:03 yeah, it is. Firefox is much much safer with your information just in general, right? They're not out there trying to watch everything you do and sell it all in fact, they're they're very good about making sure they're up to date and blocking things but what's the best malware? That's such a good question and last week I started I had what four different cult courses classes last week for people free ones that I did. And that's one of the top questions and it's a kind of a difficult one to ask. It's kind of like you know, what's the best helmet to wear? Well, it depends and what it depends on is what you're trying to protect against because there's a lot of nastiness out there but here goes the drum roll because if you're running Windows you have a Windows machine then you're looking for the basic protection you can turn on Microsoft software and it's got Windows Defender get that turned on and Windows Firewall get that turned on and you're pretty safe as far as everything in general goes and then there's one more piece of software that I advise everybody to get and put on their machines and that's Malwarebytes. Malware-B-Y-T-E-S. It's very very good that was Unknown 4:21 what Unknown 4:23 that's what Matt suggested Malwarebytes Unknown 4:25 ladies Florio Yes. Yes, exactly. And I got a great tip from Matt last week to with this this of Facebook plugin though. Are you enjoying? It Unknown 4:37 isn't it's life changing? But Unknown 4:39 whatever. What's that one? Unknown 4:41 That's the one where you can filter your Facebook feed and get rid of all i don't Unknown 4:45 i don't do Facebook. So I don't care. Maybe you would if you could filter? No, I'm not. No. Unknown 4:50 Yeah, it actually works quite well. Yeah, Unknown 4:54 Malwarebytes is really, really good. And then, you know, the Facebook stuff, there's a few the little filters, but built into Chrome, you can turn on pop up blocking, and I do that as well. So with Chrome, you go to your settings. And there's got to be there's a great search bar inside of the settings and look for pop up blockers. You can do the same thing on Safari, you can do the same thing on Firefox, it makes life much easier. Now, if you're a business, you can certainly use those basic pieces of software and Apple, if you keep up to date with your patches on Apple. It's even safer from the standard virus and hacker standpoint. And then Microsoft is, but since Windows seven Microsoft to ship with some of the stuff turned on. So there's your basics I really like. And this is what we use for our professional customers. I really like Cisco's, what they call AMP, which is their anti malware protection stack. And it's a bunch of different software. But there's one other thing you guys got to do, right? So I mentioned carry on all of your default stuff right now, at least on turn it off use Malwarebytes, but there's something out there called OpenDNS. And this is a lifesaver. This is probably one of the best things you can do as well. And it's also available for free or really, really, really, really cheap depending on what you're trying to do. And what OpenDNS does is when your computer tries to find where to go online. So you type in google.com, it has to turn that name into an address. So it has to be turned into an internet address, because that's the only way to get around. Right. It's not it's like a sort of Ken's house. So where's Ken's house? Well, now you have to look it up in the phone book. Right Ken? Right. And it's 123 mainstream street in Scarborough, Maine. It's the same sort of a thing. So what happens with OpenDNS, if you're using that is the computer says, Okay, well, where's Google that it's trying to find the address and sort of asks, in this case, if you set it up, right? Ask OpenDNS, OpenDNS, okay, well, he's he's 123 Main Street, and off you go, everything's wonderful. But if you have some malware, if you have some evil software on your site, or let's say it's trying to drive you to some adware based site or trying to get you to go somewhere you shouldn't have be cooked on something you shouldn't have is going to ask, Hey, how do I get to the Kaminski house over there in Moscow, Russia, OpenDNS is looking at that and say, Whoa, wait a minute, we know those Kaminski guys and they're tied into this unabomber guy and this is a bad place to go. And so it OpenDNS as at that point is it stops you from going there and pops up a little while doesn't pop up. But it comes up a little message on your browser saying that's an evil place to go but it also stops malware that's on your computer so one of the first things this evil software does matter where does is it phones home just like ET and tries to figure out what do you want me to do next to do you want me to infect next. Our evil plan to take over the world. And so it tries to call home so how does it call home it does the same thing it says hey I want to call home and it goes to mask OpenDNS. OpenDNS says I know who you are I'm not letting you call home and we're talking about even on their paid plan one or two bucks a computer a month just stop the bad guys from calling home. It's phenomenal OpenDNS look it up now there's better software than that we tend to use Cisco Umbrella which is the next level up from OpenDNS but there you go I just gave you my best tip ever can they keep faith and and it's Mac and Windows okay so is it just across the board is great Unknown 8:57 doing it Unknown 8:58 okay all right so Craig Peterson joins us at this time every Wednesday and he tells us about all the things that can needs to know about his computer I've noticed Craig by the way that on my phone I had installed a like a robo killer app which had been reasonably effective for the past few months in stopping this avalanche This is waterboarding effort of these people to try to just destroy my phone and get like a call every 30 minutes or so but in the last two weeks like I don't know if they're getting around it they got new numbers whatever but now I'm starting to get more of these stupid robo scam thing calls and whatnot again and they're always the same they're always some insurance thing or they always have a warranty to sell me or or whatnot but there's also some people that are actually like literally scamming you and saying that you know you owe money and you got to pay the police department or whatever talk to me about phone scams and 29 in 2019 Unknown 9:55 Yeah, IRS, etcetera etcetera. I've gotten most as well and the FCC just released these results of a new study. And it's a welcome to 2019 guess what half of all cell phone calls give or take this year are projected to be spam calls these these junk calls, or worse their their phishing attack phishing P-H. Not the not the kind with the line and the hook but what they're trying to do is hook you so they call up I got I was on the floor of a conference and I was actually the exhibitor and I got calls from the IRS. And like, repeatedly, you have to send money and how do you pay the IRS? Well, it turns out from this phone call that I have to buy Apple gift cards and send them to the IRS in order to make good on my debt to Unknown 10:51 it's just crazy. So what do you do? Oh, my gosh. Well, yet you're using Hiya right, Matt? Yes. Okay. Yeah. Hiya, H-I-Y-A is very good at stopping these just in general. But it's gotten so bad because they're, they're using your local area code and prefix when they're calling you. So if a call comes in, and it looks like it's from your neighbor, because it's your neighborhood phone number, you're more likely to answer it, then it's easy to fake and they're continually faking it. And there's no end to this insight. And I hate to say that, so let me tell you what I do. Okay, guys, I've set my iPhone into Do Not Disturb mode. Now, that can be a problem, because there's people who you want to call you. Well, Unknown 11:43 they want to be disturbed, right? Yes. Unknown 11:46 Yeah, exactly. So on the iPhone, what's really nice is I can put it in Do Not Disturb mode. And then I can say, if someone's in my contact list, let the call through. So I have a I have thousands of contacts in my phone. And so if any of them call me it goes right through to my phone. But you know, between us nowadays, when you call someone you kind of expect to get voicemail so if it's not someone who knows you really well, and they end up in your voicemail because you have Do Not Disturb turned on and you have habitat of culture contacts through and great, okay, so your wife's college kids calls, etc. going to come right through. But somebody that you haven't spoken to, in 10 years might go to voicemail. I don't think that's a big deal. But that's what I've done. I've got higher running, I ended up buying the paid version, which is pretty good. And then on top of it now, because it's gotten so bad. And the FCC is agreeing with us. We're not crazy, at least not about this Matt, that, hey, this is going to get worse. So take a look at that. On the Android side. There's a bunch of apps that you can put on your phone. Apple doesn't let apps begin to your phone calls away. Android does. So there's a lot of different options in the Android space. But I have found this to be very, very effective. Unknown 13:15 We are talking to Craig Peterson, he joins us every single Wednesday. Right around this time. I you know, Craig I was kind of I don't know a lot about video by new I remember Mario Brothers and and because I they were kind of cute. And they ran around a lot. Why would Why would a a video game sell for $100,000? Unknown 13:42 I mean, seriously, What? Why? Why? Unknown 13:46 Well, it wasn't 100,000 100,000 Unknown 13:55 Yeah, it's Unknown 13:56 it's interesting because this version of the video games it was sealed. It was unopened. Now just because you have one that might be sealed and unopenedn, it's not probably going to sell $100,000. This was a special version at only sold in New York. And Los Angeles was called sticker sealed so it has a special sticker on it. And it was also certified by this gaming authority of some sort. Unknown 14:25 So it's a collectors' item is what you're saying? Unknown 14:27 big time Okay, big time. But you know, a lot of people loved it. It was one of the big first big games frankly out there for the Nintendo 1985 was when of course it was this version of the game was released. There were some that were a little bit earlier than this but that's why it's sold for that so don't go out digging them up from the basement of the attic. The odds are excellent. Your Nintendo game is probably worth at least $5 okay but it's probably not 100,000 Unknown 14:58 that's such a bummer oh Unknown 15:01 alright Unknown 15:02 we're up Unknown 15:03 Craig Peterson our tech guru joins us at this time every Wednesday and this was no exception appreciate it Craig thanks so much for joining us Unknown 15:11 I'm gonna go to that Malwarebytes place Unknown 15:15 yeah hey if you guys want access to that training I did last week I did record it it's a few hours worth of it all about security stuff just send me an email just me@CraigPeterson.com and and I'd be glad to make it available to Ken or anybody else who wants to. Just me@CraigPeterson.com. Unknown 15:34 all right there it is. Ladies and gentlemen Craig Peterson the man the myth the legend is with us as usual and we'll talk again next week Craig. Unknown 15:40 happy wetness day Unknown 15:43 wetness day indeed. Alright, so coming up at 8:08. Unknown 15:48 That's part of the reason I do these. These hits here on the radio. It's just so much fun. Sometimes. I have fun with these guys. They're a little bit of play around. Anyways, hope you're going to have a great we talk to you later. I'm going back to the treadmill today. Yeah. Isn't that fun? Go Craig. Start an exercise again. Have a great day. Bye bye. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

new york google apple technology advice russia brothers microsoft iphone security ladies heard android nintendo maine mac apps boy unknown scams windows moscow irs cisco safari main street chrome spam fcc phone calls orbits firefox malware airing scarborough happy wednesday wreck it ralph super mario brothers robocalls hiya kaminski do not disturb mario brothers malwarebytes windows defender opendns p h right yeah craig peterson cisco umbrella matt yes your pc transcript below wgan windows firewall

EDyO 47 - Nuevos paradigmas de networking, con Christian Adell

Entre Dev y Ops Podcast

Play Episode Listen Later Feb 14, 2019

En el episodio 47 del podcast de https://www.entredevyops.es/ hablamos de los nuevos paradigmas del networking con Christian Adell. Blog EntreDevYOps - http://www.entredevyops.es Twitter EntreDevYOps - https://twitter.com/EntreDevYOps LinkedIn EntreDevYOps - https://www.linkedin.com/in/entre-dev-y-ops-a7404385/ Patreon EntreDevYOps - https://www.patreon.com/edyo Amazon EntreDevYOps - https://amzn.to/2HrlmRw Enlaces comentados: Cisco - https://www.cisco.com Schibsted - https://www.schibsted.com OpenDNS - https://www.opendns.com/ Cisco Umbrella - https://umbrella.cisco.com/ Segment Routing - https://www.segment-routing.net/ Cillium - https://github.com/cilium/cilium Python - https://www.python.org Ansible - https://www.ansible.com/ Salt - https://www.saltstack.com/ Jinja - http://jinja.pocoo.org/ Netmiko - https://github.com/ktbyers/netmiko Napalm - https://napalm-automation.net/ Google Capirca - https://github.com/google/capirca ToDD - https://github.com/toddproject/todd Dropbox NSOT - https://github.com/dropbox/nsot DigitalOcean Netbox - https://github.com/digitalocean/netbox Concourse CI - https://concourse-ci.org/ Network to Code - http://www.networktocode.com/ Perfil LinkedIn Christian Adell - https://es.linkedin.com/in/christianadell Twitter Christiall Adell - https://twitter.com/chadell0 SDN Meetup Barcelona - https://www.meetup.com/es-ES/SDN-and-Network-Programmability-Meetup-in-Barcelona/

network code barcelona networking salt cisco nuevos paradigmas adell jinja cisco umbrella

Launch of CISCOs new SMB Strategy - CISCO Start

Small Biz Matters

Play Episode Listen Later Aug 8, 2018 24:21

Small Biz Matters – a half hour program each week where you can work ON your business rather than IN it.with Alexi Boyd from Boyd Office Management Services The recent Deloitte connected small business report declared that the growth of digital technology in Small business could potentially equate to 50% grow in revenue and 50% more revenue per employee in the sector. Presently small businesses are sitting at only 11%; the basic level where they may only have a website. The growing adoption of cloud based software will assist with this exponential growth. I was invited to the launch of CISCO’s new dedicated SMB strategy on 12th July. Normally when we hear about these things we expect the larger companies to be literally eating smaller ones in their attempt to grab the a chunk of the small business market share (once they realise how lucrative we are). But in this case, they’re recognising the role of small business as the relationship builders, the collaborative force that we are, building daily to improve our reputation, networking and referrals in our own small business community. And the IT Management Consultants are an important component of this CISCO strategy. Cisco wants to be a technology partner. This new portfolio of hardware, software and cloud products offers simple, secure and reliable enterprise-class end-to-end solutions. What does that meant to those of us who aren’t IT Gurus? It’s basically a one stop shop for hardware and software to support you on your rocky IT road. Interestingly they have rolled this out using locally based IT consultant to deliver it to us as small businesses. And that’s what I’m exciting about. The fact that a large company is recognising small business’ strengths as a partner. The solutions have been designed to give SMBs high levels of protection, automation and efficacy, which are fundamental to survival, growth and expansion. There is hardware of course which will be available through retailers like JB HiFi and a great new product called CISCO Umbrella strategy which protects the user against webpages which are deemed to be unsafe or from a particular region who is considered dangerous. They’re also developing partnerships with the likes of Amazon as a marketplace and working with telecommunications companies to develop the resilient infrastructure we so desperately need. The SMB world is growing and it’s great to see a large corporate like CISCO sit up and notice the power of our market. Not only using us for our market share but collaborating also. In this interview we hear from : Ken Boal, Vice President of Cisco ANZ - discuss the growth and roadmap of Cisco’s Small and Medium Business product portfolio, the importance of digital transformation for Australian SMBs and the ongoing cyber security trends and threats that affect them. Peter Strong, CEO of Council of Small Business Organisations Australia (COSBOA) - to discuss the current state and future of SMBs in Australia, underpinned by the adoption of technology. About Cisco Cisco (NASDAQ: CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Discover more at newsroom.cisco.com and To find out more go to their website: https://www.cisco.com/c/en_au/solutions/small-business.html

ceo amazon australia internet strategy discover vice president launch council deloitte cisco smb smbs jb hi fi medium business cisco umbrella ciscos

Sicurezza: come proteggersi preventivamente da attacchi malware zero day

Smau Academy

Play Episode Listen Later Jul 16, 2018 35:54

Le intrusioni da parte di malware di ultima generazione sono all'ordine del giorno e le classiche difese perimetrali non riescono, per loro natura, a fornire una protezione completa. A tale scopo Cisco ha elaborato una innovativa soluzione cloud per la protezione da attacchi cyber a livello DNS (domain name server) e caratterizzata da un elevato grado di predittività. La soluzione Cisco Umbrella è in grado di proteggere sia utenti “on net” che “off net” ed è in grado di prevenire anche i cosiddetti attacchi “zero day”, cioè ad opera di malware mai visti prima che nessun Anti Virus riuscirebbe a bloccare

cisco malware dns antivirus sicurezza zero day attacchi cisco umbrella

Episode 26: It's Okay Not To Know ft. Monika Gupta

Almirah Radio Hour

Play Episode Listen Later Jun 26, 2018 19:32

This week, Sheela interviews Monika Gupta (@guptamnka), Senior Product Marketing Manager at Cisco Umbrella, graduate of the University of Michigan's Ross School of Business, and fellow Missourian. They talk about the totally normal ambiguity that comes when defining a career path, creating a life outside of work, and one book pick for the summer. Follow us at @almirahradio. Follow Nina at @onlynina. Follow Sheela at @queenofblah. Our opening track is "Laung Gawacha" by Nucleya. Original music by Michael Dwan Singh. Our cover art is by Mili Sethia. --- Send in a voice message: https://anchor.fm/almirah-radio-hour/message

university business michigan original gupta ross school missourians senior product marketing manager nucleya cisco umbrella

MSP Radio #154 - Protecting Your Clients from Malware and Cyber Threats w/ Cisco Umbrella

Play Episode Listen Later Sep 13, 2017 58:10

On this episode, we welcome on Simon Wenet from Navigate 2017 Platinum Sponsor, Cisco Umbrella, to talk about how the threat landscape has shifted and what MSPs can do to better protect their SMB clients. We also feature a Hurricane Harvey and Irma update, discuss the Equifax breach, share some research on multi-tasking and its impact on productivity, get way too in-depth on how to properly eat corn on the cob, and lastly, close with our small business idea of the week. Tune in now!

clients protecting navigate hurricane harvey malware smb equifax cyber threats msps cisco umbrella

Ep18: Cloud Security and Crytpocurrency with Chris Riviere

Cloud Unfiltered

Play Episode Listen Later Sep 7, 2017 25:20

The best kind of cyber security is the kind that allows you to predict and avoid attacks in the first place! And that's exactly what Cisco Umbrella does. Today we talk with Chris Riviere, Consulting Systems Engineer for Cloud Security about how Umbrella (formerly OpenDNS) works and who's using it to protect their businesses. He's also got quite a bit of knowledge about cryptocurrency, so if you've got an interest in Bitcoin or Ethereum, settle in to hear what he's go to say about that.

bitcoin ethereum umbrella cloud security riviere opendns crytpocurrency cisco umbrella

Brad Antoniewicz, OpenDNS/BSides NYC - Paul's Security Weekly #507