POPULARITY
In today's episode, we'll hear from Craig Jeffery on pentests. What are they, who performs them, and why are they vital for cyber security? Listen in to learn more.
This week's The Leadership in Insurance Podcast
Podcast: ICS Cyber Talks PodcastEpisode: Miri Ofir Director of R&D @Check Point on the cyber-physical systems & embedded cyber protectionPub date: 2024-07-12תחום הגנת הסייבר על מערכות אימבדד (מערכות סייבר פיזיות) עוסק בהגנה על מערכות שבדרך כלל מבוססות על מערכות הפעלה ותוכנה משולבות בפירמוור מצומצם מחד, מאידך כמות המכשירים המפוזרים בעולם מגיע לעשרות ואף מאות מיליוני יחידות. עובדה זו משמשת תוקפים ליצירת מתקפות מסיביות על חברות ע"י שימוש בו זמני במיליוני מערכות אימבדד. בצורה כזו הופלו בעבר חברות התקשורת הגדולות בארה"ב מה שהביא לאי יכולת מתן שירותיים ללקוחות וניתוק אזורים שלמים מתקשורת עם התרחבות הרגולציה בתחום והדרישה מיצרנים להטמיע מערכות הגנה בתוך המוצרים נושא הגנת מערכות סייבר פיזיות תופס תאוצה. חברת צ'ק פוינט הייתה מהראשונות לזהות את הצורך ומתן מענה למוצרי אי.או.טי כבר בעשור הקודם נחשון פינקו מארח את מירי אופיר דירקטורית פיתוח בצ'ק פוינט שהצוותים שלה מסייעים לחברות המייצרות מערכות פיזיות להגביה את חומות הסייבר במוצריהן, בשיחה על הצורך, הדרישה הגוברת של הרגולטורים להגנות משמעותיות ועד כמה שונה ההגנה הסייבר פיזית מהעולם המוכר של האי.טי Cyber protection for embedded and cyber-physical systems (CPS) revolves around securing systems that typically rely on operating systems and software integrated into limited firmware. On the other hand, the number of devices scattered worldwide reaches tens of millions and, in some cases, even hundreds of millions of units. Unfortunately, attackers exploit this vast network to orchestrate massive attacks on companies, simultaneously leveraging millions of compromised systems. In the past, such coordinated attacks have disrupted major communication companies in the US, leading to service outages for customers and disconnections in entire regions. As regulations expand within this domain, manufacturers face increasing pressure to implement robust protection mechanisms in their products. The issue of safeguarding CPS has gained momentum, and companies like Check Point have been at the forefront. Check Point recognized the need for solutions tailored to IoT products as early as the previous decade. Nachshon Pincu hosts Miri Ofir, Director of R&D at Check Point, who illuminates the urgency of robust protections. Her teams work closely with companies that produce physical systems, fortifying their products against cyber threats. This discussion delves into regulators' evolving demands, emphasizing the unique challenges of CPS protection compared to the familiar landscape of traditional IT security.The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Pourquoi la sécurisation des données est-elle un enjeu crucial aujourd'hui ? Pourquoi les chiffrer est-il devenu essentiel ? Où en sont les entreprises sur ce sujet ? Philippe Carrere, Directeur commercial pour les solutions de protection des données chez Thales, nous partage des éléments de réponse dans le nouvel épisode d'Objectif CYBER.
תחום הגנת הסייבר על מערכות אימבדד (מערכות סייבר פיזיות) עוסק בהגנה על מערכות שבדרך כלל מבוססות על מערכות הפעלה ותוכנה משולבות בפירמוור מצומצם מחד, מאידך כמות המכשירים המפוזרים בעולם מגיע לעשרות ואף מאות מיליוני יחידות. עובדה זו משמשת תוקפים ליצירת מתקפות מסיביות על חברות ע"י שימוש בו זמני במיליוני מערכות אימבדד. בצורה כזו הופלו בעבר חברות התקשורת הגדולות בארה"ב מה שהביא לאי יכולת מתן שירותיים ללקוחות וניתוק אזורים שלמים מתקשורת עם התרחבות הרגולציה בתחום והדרישה מיצרנים להטמיע מערכות הגנה בתוך המוצרים נושא הגנת מערכות סייבר פיזיות תופס תאוצה. חברת צ'ק פוינט הייתה מהראשונות לזהות את הצורך ומתן מענה למוצרי אי.או.טי כבר בעשור הקודם נחשון פינקו מארח את מירי אופיר דירקטורית פיתוח בצ'ק פוינט שהצוותים שלה מסייעים לחברות המייצרות מערכות פיזיות להגביה את חומות הסייבר במוצריהן, בשיחה על הצורך, הדרישה הגוברת של הרגולטורים להגנות משמעותיות ועד כמה שונה ההגנה הסייבר פיזית מהעולם המוכר של האי.טי Cyber protection for embedded and cyber-physical systems (CPS) revolves around securing systems that typically rely on operating systems and software integrated into limited firmware. On the other hand, the number of devices scattered worldwide reaches tens of millions and, in some cases, even hundreds of millions of units. Unfortunately, attackers exploit this vast network to orchestrate massive attacks on companies, simultaneously leveraging millions of compromised systems. In the past, such coordinated attacks have disrupted major communication companies in the US, leading to service outages for customers and disconnections in entire regions. As regulations expand within this domain, manufacturers face increasing pressure to implement robust protection mechanisms in their products. The issue of safeguarding CPS has gained momentum, and companies like Check Point have been at the forefront. Check Point recognized the need for solutions tailored to IoT products as early as the previous decade. Nachshon Pincu hosts Miri Ofir, Director of R&D at Check Point, who illuminates the urgency of robust protections. Her teams work closely with companies that produce physical systems, fortifying their products against cyber threats. This discussion delves into regulators' evolving demands, emphasizing the unique challenges of CPS protection compared to the familiar landscape of traditional IT security.
In the bustling atmosphere of the RSA Conference, a conversation unfolded that shed light on the evolution of cybersecurity and the innovative solutions paving the way for a more efficient and effective approach to data management. Colby DeRodeff, the CEO and co-founder of Abstract Security, shared insights into the journey that led to the creation of a groundbreaking platform designed to transform the way organizations tackle data collection, analysis, and threat detection.A Walk Down Memory LaneThe dialogue between Colby DeRodeff and Sean Martin at the RSA Conference delved into the history of cybersecurity, reflecting on the shifts from perimeter security to compliance-driven approaches and the emergence of new technologies like XDR. This introspective look highlighted the need for a paradigm shift in cybersecurity strategies to keep pace with the rapidly evolving threat landscape.Challenges in Traditional ApproachesOne of the key challenges discussed was the inefficiency of traditional SIEM solutions, which often resulted in data overload, lack of actionable insights, and hefty costs associated with data storage. Colby emphasized the importance of focusing on outcome-driven data collection and detection scenarios rather than accumulating vast amounts of data with limited value.The Birth of Abstract SecurityThe catalyst for Abstract Security stemmed from Colby's experiences in previous companies, where the disconnect between data collection and effective threat detection became glaringly apparent. This realization led to the inception of a platform that prioritizes data relevance, streamlining the process of identifying and responding to security threats efficiently.Abstract Security's Unique ApproachAbstract Security's modular platform offers a refreshing take on cybersecurity data management, with a focus on tailored data collection, analytics, and storage solutions. By enabling organizations to align data sources with specific detection outcomes, Abstract Security empowers teams to make informed decisions and optimize their cybersecurity strategies.Seamless Integration with Existing Tech StackOne of the standout features of Abstract Security is its seamless integration capabilities with existing tech stacks. The platform can complement and enhance current security infrastructure without the need for rip-and-replace, offering a smooth transition towards more effective threat detection and response mechanisms.Looking Towards the FutureAs organizations navigate the complexities of cloud environments and evolving cybersecurity challenges, Abstract Security stands out with fresh innovative ideas and practicality. By reimagining the data management process and emphasizing outcome-driven approaches, Abstract Security is poised to shape the future of cybersecurity operations.ConclusionThe conversation between Colby DeRodeff and Sean Martin at the RSA Conference not only highlighted the pivotal role of Abstract Security in revolutionizing cybersecurity data management but also underscored the importance of reevaluating traditional approaches in the face of modern threats. With Abstract Security leading the charge towards a more efficient and proactive cybersecurity landscape, organizations have the opportunity to elevate their security posture and stay ahead of emerging cyber risks.Learn more about Abstract Security: https://itspm.ag/abstractsec-zaoNote: This story contains promotional content. Learn more.Guest: Colby DeRodeff, CEO and Co-Founder, Abstract Security [@get_abstracted]On LinkedIn | https://www.linkedin.com/in/colbyderodeff/ResourcesLearn more and catch more stories from Abstract Security: https://www.itspmagazine.com/directory/abstract-securityView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
In the bustling atmosphere of the RSA Conference, a conversation unfolded that shed light on the evolution of cybersecurity and the innovative solutions paving the way for a more efficient and effective approach to data management. Colby DeRodeff, the CEO and co-founder of Abstract Security, shared insights into the journey that led to the creation of a groundbreaking platform designed to transform the way organizations tackle data collection, analysis, and threat detection.A Walk Down Memory LaneThe dialogue between Colby DeRodeff and Sean Martin at the RSA Conference delved into the history of cybersecurity, reflecting on the shifts from perimeter security to compliance-driven approaches and the emergence of new technologies like XDR. This introspective look highlighted the need for a paradigm shift in cybersecurity strategies to keep pace with the rapidly evolving threat landscape.Challenges in Traditional ApproachesOne of the key challenges discussed was the inefficiency of traditional SIEM solutions, which often resulted in data overload, lack of actionable insights, and hefty costs associated with data storage. Colby emphasized the importance of focusing on outcome-driven data collection and detection scenarios rather than accumulating vast amounts of data with limited value.The Birth of Abstract SecurityThe catalyst for Abstract Security stemmed from Colby's experiences in previous companies, where the disconnect between data collection and effective threat detection became glaringly apparent. This realization led to the inception of a platform that prioritizes data relevance, streamlining the process of identifying and responding to security threats efficiently.Abstract Security's Unique ApproachAbstract Security's modular platform offers a refreshing take on cybersecurity data management, with a focus on tailored data collection, analytics, and storage solutions. By enabling organizations to align data sources with specific detection outcomes, Abstract Security empowers teams to make informed decisions and optimize their cybersecurity strategies.Seamless Integration with Existing Tech StackOne of the standout features of Abstract Security is its seamless integration capabilities with existing tech stacks. The platform can complement and enhance current security infrastructure without the need for rip-and-replace, offering a smooth transition towards more effective threat detection and response mechanisms.Looking Towards the FutureAs organizations navigate the complexities of cloud environments and evolving cybersecurity challenges, Abstract Security stands out with fresh innovative ideas and practicality. By reimagining the data management process and emphasizing outcome-driven approaches, Abstract Security is poised to shape the future of cybersecurity operations.ConclusionThe conversation between Colby DeRodeff and Sean Martin at the RSA Conference not only highlighted the pivotal role of Abstract Security in revolutionizing cybersecurity data management but also underscored the importance of reevaluating traditional approaches in the face of modern threats. With Abstract Security leading the charge towards a more efficient and proactive cybersecurity landscape, organizations have the opportunity to elevate their security posture and stay ahead of emerging cyber risks.Learn more about Abstract Security: https://itspm.ag/abstractsec-zaoNote: This story contains promotional content. Learn more.Guest: Colby DeRodeff, CEO and Co-Founder, Abstract Security [@get_abstracted]On LinkedIn | https://www.linkedin.com/in/colbyderodeff/ResourcesLearn more and catch more stories from Abstract Security: https://www.itspmagazine.com/directory/abstract-securityView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Sleep easy at night knowing your Salt Lake County practice is protected from cyberattacks by InfoTech Enterprise Solutions dental data security system!Get your custom dental IT solution at: https://www.info-tech.co/dental InfoTech Enterprise Solutions City: Provo Address: 1675 N Freedom Blvd Website: https://www.info-tech.co/dental Phone: +1 801 210 1651 Email: sales@utahinfotech.com
Spring frosts represent a real danger for apple orchards. The changing climate has brought about periods of unusually warm weather at times early in the year that have caused trees and other flowering plants to bloom early. For apple growers, this has made their orchards more susceptible to the damaging effects of extreme cold events. […]
The current state of cybersecurity and the looming threats warrant serious attention. In this Brand Story episode of "Reflections from 2023", Nadav Avital, Head of Threat Research at Imperva, sheds intriguing light on this cyber landscape.Avital outlines prominent threats of 2023, highlighting the prevalence of distinct attacks such as supply chain and distributed denial of service attacks, and business logic attacks. He emphasizes that, to navigate the evolving threat landscape effectively, it is vital to look backward to look forward.Cyberattacks have presented consequential impacts on organizations, from monetary losses to operational disruption, and even reputational damage. For instance, Avital mentions how ransomware attacks and denial of service attacks have left businesses grappling with restoring systems, ransom payments and downtime, citing examples from real-life scenarios drawn from his observations.Imperva's Threat Research team takes on the monumental task of monitoring, analyzing, and protecting against these cyber threats. They utilize open-source intelligence, deep web resources and data from deployed sensors and customer networks. This multifaceted intelligence gets productized and integrated into Imperva's solutions, ensuring customers can focus on their businesses rather than worrying about cyber threats.However, the battle against cyber threats extends beyond just protective measures. Raising awareness through communication plays a crucial role in helping the broader business and cybersecurity community understand and tackle these threats. The sharing of research findings through various channels such as blogs, newsletters and reports, helps impart invaluable knowledge, equipping readers with the necessary context and understanding of the evolving threat landscape.Imperva's forward-thinking approach in harnessing different intelligence resources to create protective solutions demonstrates their unrivaled expertise in the realm of cybersecurity. As Avital pointed out, it's not solely about using advanced techniques for quality attacks but also about creatively using existing ones.As cyber threats continue to evolve, it's paramount for organizations and cybersecurity professionals to stay abreast of these trends. Resources and research made available by teams like Imperva's Threat Research serve as a goldmine of intelligence information commanding our attention. Make cybersecurity a priority, leverage resources at your disposal and stay a step ahead of threats. Connect with the Imperva Threat Research team and be part of their mission to secure cyberspace. Imperva's journey into innovations and solutions is one worth following and learning from as we continue moving forward in this cyber landscape. Note: This story contains promotional content. Learn more.Guest: Nadav Avital, Head of Threat Research at Imperva [@Imperva]On Linkedin | https://www.linkedin.com/in/nadav-avital-a508244/On YouTube | https://www.youtube.com/channel/UCH5blYEvvzUcWD7ApRVP9YgResourcesLearn more about Imperva and their offering: https://itspm.ag/imperva277117988Imperva Threat Research: https://www.imperva.com/cyber-threat-index/threat-research/Catch more stories from Imperva at https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
The current state of cybersecurity and the looming threats warrant serious attention. In this Brand Story episode of "Reflections from 2023", Nadav Avital, Head of Threat Research at Imperva, sheds intriguing light on this cyber landscape.Avital outlines prominent threats of 2023, highlighting the prevalence of distinct attacks such as supply chain and distributed denial of service attacks, and business logic attacks. He emphasizes that, to navigate the evolving threat landscape effectively, it is vital to look backward to look forward.Cyberattacks have presented consequential impacts on organizations, from monetary losses to operational disruption, and even reputational damage. For instance, Avital mentions how ransomware attacks and denial of service attacks have left businesses grappling with restoring systems, ransom payments and downtime, citing examples from real-life scenarios drawn from his observations.Imperva's Threat Research team takes on the monumental task of monitoring, analyzing, and protecting against these cyber threats. They utilize open-source intelligence, deep web resources and data from deployed sensors and customer networks. This multifaceted intelligence gets productized and integrated into Imperva's solutions, ensuring customers can focus on their businesses rather than worrying about cyber threats.However, the battle against cyber threats extends beyond just protective measures. Raising awareness through communication plays a crucial role in helping the broader business and cybersecurity community understand and tackle these threats. The sharing of research findings through various channels such as blogs, newsletters and reports, helps impart invaluable knowledge, equipping readers with the necessary context and understanding of the evolving threat landscape.Imperva's forward-thinking approach in harnessing different intelligence resources to create protective solutions demonstrates their unrivaled expertise in the realm of cybersecurity. As Avital pointed out, it's not solely about using advanced techniques for quality attacks but also about creatively using existing ones.As cyber threats continue to evolve, it's paramount for organizations and cybersecurity professionals to stay abreast of these trends. Resources and research made available by teams like Imperva's Threat Research serve as a goldmine of intelligence information commanding our attention. Make cybersecurity a priority, leverage resources at your disposal and stay a step ahead of threats. Connect with the Imperva Threat Research team and be part of their mission to secure cyberspace. Imperva's journey into innovations and solutions is one worth following and learning from as we continue moving forward in this cyber landscape. Note: This story contains promotional content. Learn more.Guest: Nadav Avital, Head of Threat Research at Imperva [@Imperva]On Linkedin | https://www.linkedin.com/in/nadav-avital-a508244/On YouTube | https://www.youtube.com/channel/UCH5blYEvvzUcWD7ApRVP9YgResourcesLearn more about Imperva and their offering: https://itspm.ag/imperva277117988Imperva Threat Research: https://www.imperva.com/cyber-threat-index/threat-research/Catch more stories from Imperva at https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Discover with me in this episode the nuances behind Cisco's $28 billion acquisition of Splunk AI Security, examining how this monumental move is set to redefine the landscape of cybersecurity through innovative AI-driven defensive measures. Invest in AI Box: https://Republic.com/ai-box Get on the AI Box Waitlist: https://AIBox.ai/ AI Facebook Community Learn more about AI in Video Learn more about Open AI
The saying goes, that the weakest link in the chain of cybersecurity is people. But what about a change of perspective? People, instead, could be considered the first line in a cyber battlefield. An approach that signalled a change of mindset in Moldova, for example, within the ongoing EU-funded project on developing cybersecurity rapid assistance. Including citizens in the scope, next to technical development, to increase online safety.In this episode of the Digital Government Podcast, Rica Williams joins us to discuss the awareness-raising on cybersecurity. As an Expert and Communication Expert involved, from eGA's side and that of local initiative (Digital Safety) Siguranța Digitală, we delve into what comes after disseminating valuable information, and some key tips to stay safe online.
In this episode, we had the pleasure of talking with Lou Covey the editor of Cyber Protection Magazine and the Crucial Tech podcast. Although, we have a deep interest in both these subjects, in this podcast episode we dove into the world of industry-specific media both on the side of journalism and a bit on the economics of running and editing this type of publication. As you will hear, Lou has a background not only in publishing but also in PR and media. When you talk to someone with such a diverse background and experience you get a great view from both sides of the table when it comes to PR. Industry-specific media also has its own nuances and economic model. We get the chance to dive deeper into how companies can better appeal to industry media and particularly about the unique cooperation marketing and press coverage have in industry-specific media. Lou has been doing journalism everywhere from local news to well-known publications like the New York Times. So he brought all his experience to the table sharing information on the origins of the term earned media (go Finland!) and his decision-making on what to cover for Cyber Protection Magazine. He talks about the balance between news sourcing, and sponsorship. We also discuss journalism ethics within industry-specific media, his observations of how marketing and salespeople work together inside companies, and where journalism and PR fit within that combination. And an unforgettable history lesson about free press and advertising. I really enjoyed not only the facts and observations that Lou brought to the table but also the real-life stories of his experiences that brought home this key area of journalism. Both the magazine and the podcast are looking to be a source of knowledge about the area of cybersecurity where there are not that many voices clarifying the landscape of more than 5,000 companies that are offering products and services. So, if you are looking to get industry-specific coverage for your company, this episode is a great opportunity to hear great advice from the inside.
We caught up during Gitex 2023 edition with James Slaby, the Director of Cyber Protection at Acronis. He spoke about the latest cybersecurity with Acronis
We caught up during Gitex 2023 edition with James Slaby, the Director of Cyber Protection at Acronis. He spoke about the latest cybersecurity with Acronis
Ready to crack open the complexities of AI copyrighting? Prepare to immerse yourself in an ocean of technology dilemmas, as we bring you an exploration of AI's role in the creative world and the controversies that surround it. Sparked by a recent ruling barring AI from receiving copyrights, we'll dissect the case of Stephen Thaler's AI-generated artwork 'Recent Entrance to Paradise' and its subsequent denial of copyright due to lack of human authorship. As we question what truly constitutes an 'original' work, you'll be left pondering the future of AI and its impact on creativity.Ever wondered how AI bias can lead to the spread of misinformation? Brace yourself for a humorous yet alarming discussion on Google AI's ridiculous responses and the potential consequences of such errors. Using the Angel of Death Mushroom as an example, we'll highlight how inadvertently, AI can become a vessel of incorrect data. We are also going to scrutinize ground-breaking research on AI and how it's available for public testing. As we move to the darker side of technology, we will touch upon the world of cyber protection and the necessity of VPNs. With Google Chrome's impending malware detector and Elon Musk's contentious decisions about his X platform, we aim to keep you informed about the growing need for cyber safety. And just when you think the twists and turns are over, we dive into the controversy surrounding Musk's decision to remove the blocking feature from Twitter. From increased toxicity to potential app store violations, we've got it all covered. So, don your thinking cap, pour yourself a glass of whiskey and get ready for an enlightening journey through the world of tech - the good, the bad, and the ugly.This week on TechTime with Nathan Mumm®, Despite its best efforts, AI cannot get copyrights for original artwork. Googles' new AI lets testers know the benefits of genocide, among other ridiculous and wrong answers. Neuroscientists have been able to recreate a Pink Floyd song from brainwaves. And is Elon trying to wreck the Platform Formally Known As Twitter?Gwen Way will join us to discuss Google Chrome's upcoming Malware Detector and whether that is good.Join us on TechTime Radio with Nathan Mumm, the show that makes you go "Hummmm" Technology news of the week for August 20th – 16th, 2023
I'm going to sound like an old woman now but... Back in my days, if someone for example bullied you, you can physically see that someone and know who that someone is which makes it easier to report to your trusted person and hopefully get some sort of resolution. Also, there is probably only one bully or maybe a few only. Nowadays, as soon as you access the internet, there are an unknown number of these bullies and "cyber creeps," you have no clue who they really are which makes it hard to get any resolution. So how do we protect ourselves and our families from them so that we can feel safe using the wonders of technology? On this episode, I chat with Dawn McCarty on: How to protect yourself (and your family) from "cyber creeps" The importance of having security in everything Finding peace after abduction The importance of using your voice to heal Plus so much more! Dawn is an Online and Cyber Security Expert and CEO and Founder of Securing Everything. She is passionate about empowering families with online safety knowledge. With a background in Information Security Engineering, criminal justice, and human behaviours, Dawn has emerged from adversity that allows her to uniquely bridge the gap between technology and people, as she works to ultimately keep kids safer in this digital age. Through her "Digital SAFE Zone" courses, Dawn empowers people to be proactively safer online and she transforms concerned parents into Digital Safety Ninjas, ready to protect their families from the hidden dangers of the digital world. Connect with her and embark on this crucial journey of online safety education. For more about Dawn Website - www.securingeverything.com Instagram - www.instagram.com/iamdawnmccarty Facebook - www.facebook.com/iamdawnmccarty LinkedIn - www.linkedin.com/in/iamdawnmccarty YouTube - www.youtube.com/dawnmccarty For more about host KaKi Lee Website - www.kakilee.com Facebook Page - www.facebook.com/kakiverse888 Instagram - www.instagram.com/kakiverse888 Check out KaKi's Signature Coaching Program - Unlimited Abundance Academy - www.kakilee.com/unlimited-abundance-academy Interested in working with KaKi? Have an Abundance Tea
Austin McChord is a relentless entrepreneur whom many of you will know as the founder and CEO of Datto, which was recently sold to Kasaya for $6.2 billion dollars. He is also a founder at Casana (a medical device company where he is the CEO), Havoc Robotics, Outsiders Fund, and serves on the boards of Zorus and Shelf. Perhaps most importantly for this show, he is a co-founder and chairman at Cork, a cybersecurity solution for managed service providers (MSPs - heads up I'm going to use that term a lot in this episode). Carlson Choi is a co-founder and CEO of Cork. Prior to founding Cork, Carlson held technology leadership roles at Datto, Superluminal, Jack in the Box, Jollibee Foods Corporation, Mattel, and Activision Blizzard. He has dedicated his career to launching disruptive industry product and solutions from the earlier days of online digital gaming, digital to life toys, and mobile food ordering.
Kevin Daisey welcomed Greg Tomchick and Jeff White from Valor Cybersecurity to The Managing Partners Podcast to discuss the importance of cybersecurity to law firms and to provide helpful tips. Greg started his career in software development and when his team experienced a cyber attack, he decided to learn more about cybersecurity and joined a defense contractor. Greg and Jeff then came together and started Valor Cybersecurity. During the podcast, they discussed the importance of cybersecurity to law firms and the steps that lawyers can take to ensure their security. They concluded with the importance of taking the necessary steps to protect their data and the baseball flare in the background. Greg and Jeff are both ODU graduates who have experience in the defense and cybersecurity spaces. Greg played professional baseball and has knowledge of how to lead in high stakes environments. Jeff has worked in defense and the PCI side of credit card security compliance. He then went on to help manage service providers and Fortune 50 companies with their evolving cyber threat landscape. They are currently working together at a company called Cyber Defense Labs. Jeff and Greg appreciate the opportunity to share their experience and knowledge with others. They typically interview managing partners to learn about their law firms and what they're doing to be successful in terms of operations, marketing, and any other unique strategies they may have. Valor Cybersecurity is a company that works with law firms to provide cybersecurity expertise and knowledge. The founders, Jeff and Greg, both have experience in the cybersecurity space and noticed that there was a paywall in place for companies to access the knowledge they had. To solve this problem, they created Valor Cybersecurity as a way for companies to receive the expertise and knowledge they needed at an affordable price. The company is also well-branded and provides a website for customers to explore the services they offer. Valor Cybersecurity works with law firms to help them protect their business from cyber threats and provide them with the resources they need to stay safe. Valor Cybersecurity is a small cybersecurity firm that works with law firms to help protect their information and data. The team at Valor believes that cybersecurity is not just a technology issue, but a people, process, and technology issue. They focus on understanding the threats to the business from all three areas and providing solutions to help protect the law firm. They understand that law firms are targets and that they need to be protected, so they try to lower the paywall to make sure that everyone can get the advice they need. They provide services such as Ada compliance to protect law firms from lawsuits. They suggest that law firms should be mindful of their people, processes, and technology in order to stay secure.
We all know that data breaches are nightmares and the legal ramifications can be far worse than the breach itself. So what can we do to protect ourselves? This week, Zach and Mike welcome attorney John Gray, Chair of Data Privacy and Cybersecurity of Lewis Roca, who specializes in Data Privacy law. He shares how companies can prepare in advance to reduce the legal ramifications often associated with cyber attacks. He also covers issues around nation-state threat actors and various malicious activities in today's environment.Pick up your copy of Cyber Rants on Amazon.Looking to take your Cyber Security to the next level? Visit us at www.silentsector.com. Be sure to rate the podcast, leave us a review, and subscribe!
In this episode of CHATTIN CYBER, Marc Schein interviews Emil Bove, Trial and Investigations Lawyer at Chiesa Shahinian Giantomasi (CSG). Emil has extensive experience working in both the public and private sectors, starting his career as an assistant United States attorney specializing in cyber risk. Today, he speaks about the new sanctions announced against Russia following the invasion of the Ukraine, why Russia might push its financial transactions and assets into the crypto space, cyber enforcement trends pertaining to the same, and the recent collaboration of the private sector and the government sector for speedy cyber law enforcement and protection. Recently, in the aftermath of the Russian invasion of Ukraine, the US Treasury department announced a lot of sanctions against Russia. One result of that is that banks are trying to comply with the sanctions on both US financial institutions and international institutions, identifying their exposure to the sanction parties, sanction relationships, and figuring out how to address that exposure – whether that's blocking assets in some instances, or ending client relationships in others. Secondly, we're anticipating mechanisms for any sanction party to engage in sanctions evasion and access the international financial system and even the US financial system directly through correspondent accounts. Sanction parties need to innovate. Russian parties are also expected to push financial transactions and assets into crypto. Emil also discusses the trends in cyber enforcement. With Russia likely to venture into the crypto space, care needs to be taken while enforcing sanctions as not everybody is a Russian actor. Clients have to be sensitive to sanctions compliance. Recently, the OFAC has been sanctioning crypto service providers, some of which are based in Russia, who are non-compliant with US expectations for transparency and staying away from ransomware. Both on the regulatory and criminal sides, the government will be looking at public examples of non-compliant actors who are not seeking to implement the sanctions intended to choke back on Russia's access to the financial system. Another thing Emil talks about is the private sector's collaboration with the government in connection with the above sanctions. He predicts that the partnership will be significant because the technological expertise of the private sector can help speed up the government's work. The technologies used so far have repeatedly shown themselves reliable and trustworthy and have generated accurate results. For more, tune in to today's episode! Highlights: “There's a cyber component to the banks trying to comply with the sanctions to both US financial institutions and really international institutions, taking a look at what OFAC is doing. And identifying their exposure to these now sanctioned parties and sanction relationships, and figuring out how to address that exposure, whether that's blocking assets in some instances, or ending client relationships in others.” “There are a few understood mechanisms for any sanction party to engage in sanctions evasion, to access the international financial system, and sometimes even the US financial system directly through correspondent accounts. Sanction parties are going to need to take some new steps to do some innovation. And I think that one way that we're going to see that is Russia as a sovereign, and also just sanctioned Russian parties over there are going to push financial transactions and assets into the crypto space.” “There's then now a public opinion that sort of authorizes and endorses law enforcement collaboration with the private sector and use private sector tools in a sophisticated and developing space where government technology, especially in the law enforcement side, may not be quite as up to speed as where the more well resourced private sector parties are endorsing that and I think you'll see that going...
Amy B has returned from a January in the UK. Brr! That said, we are happy to report that she kept warm and the pubs are a-boomin'... Segment One: Five Minutes with a Smart Guy - Dave Seibert! It's said humans can only concentrate for a good 15 minutes...Today, we explore five minutes of focus with our friend and renowned smart guy, Dave Seibert. Dave Seibert is a leader, author, speaker, and awarded influencer in the technology industry. His 35 year career includes Fortune 50 & 100 corporations, National IT Franchises, Business and Startups. Let's pick at his brain, shall we? You can pick his brain further at SMB Techfest. We hope to see you there! Segment Two: Attaining YOUR Personal Goals & Microsoft Layoffs Amy B's peer group is going live! We discuss the simple method that will propell you to success and, to quote Amy, "Make it rain.". Hint, hint: marketing is kind of important. Speaking of marketing, chatGPT remains relevant: Amy B uses it for content creation. Remember, it's still in beta, so before you blindly chatGPT up your next newsletter, it's best to give it an old fashion peer review. Oh yeah...and Microsoft...again. Resources and Links: For free sign up to the SMB Techfest: https://smbtechfest.com/go/karl Karl's Annual State of the Nation Address https://mspwebinar.com/ James Event http://bit.ly/kernanmastermind Amy B's Peer Group https://www.thirdtier.net/2023/01/02/new-growth-focused-peer-group/ Sponsor Memo: Acronis Every client needs Cyber Protection. But that doesn't mean service providers have to deploy a jumbled patchwork of solutions to get it done. Modern protection starts with Acronis Cyber Protect Cloud. Acronis combines backup, anti-malware, endpoint protection, management and robust ransomware defense all from a single console. That's why successful MSPs use Acronis to generate more recurring revenue AND reduce churn. It's easy to get started at https://acronis.com :-)
Rafael Broshi is Co-Founder and CEO of Notch, an MGA offering new insurance products for individuals and micro businesses. Notch provides insurance and security solutions for digital assets, starting with a business' digital storefront - their social media account. Medium- and large-sized businesses have access to cyber insurance for damages created via email, social media, direct messengers etc. Businesses rely on social media for distribution and as a source of growth and income. Notch's social media coverage product is admitted in the US, written on HSB paper (an AA+ rated carrier) and protects against account takeover. The outcome is loss of income insurance for up to three months with a semi-parametric and semi-automated claims process. Notch's product specializes on micro-businesses with up to 20 employees, with most of its customers making up to half-million dollars in revenue per year. Notch is selling direct to small businesses to understand the market, and is now starting retail agent expansion with an exact knowledge of their customer typology. The brain of Notch's product uses public data to instantly evaluate the customer need, rather than relying on collecting information from the customer. Parametric insurance relies on an outside check to trigger the claims process, but it relies on whether there was a real loss. Notch is semi-parametric because they determine semi-automatically whether an incident has occurred and when to pay a claim. Follow the Insurtech Leadership Podcast airing weekly hosted by Joshua R. Hollander. We give you up-close access and personal insights from the leaders of the fastest-growing #insurtechs and most innovative #insurance carriers and brokers.
Topic 1: Algorithms Need Management Training, Too! From Wired Magazine. Human beings excel at avoiding responsibility for difficult decisions. Management and personnel decisions are often difficult. Therefore, they are great candidates for turning decision-making over to the bots. What could possibly go wrong? https://www.wired.com/story/platform-work-labor-economy-ai/ Topic 2: Microsoft drops $1 Billion on ChatGPT I should have bought more Microsoft stock yesterday. :-) Looking to the true “next level” of product development. Microsoft was an early investor in ChatGPT https://www.businessinsider.com/microsoft-openai-investment-the-smartest-1-billion-ever-spent-2023-1 Topic 3: Apple to drop Broadcom chip and make their own. Is this just the never-ending story of “control” of supply chain, or is there a strategy for secret development here? (Are there future technologies that are more easily developed in private, when you don't have to share future features with an outside chip builder?) https://www.reuters.com/technology/apple-drop-key-broadcom-chip-2025-in-house-design-bloomberg-news-2023-01-09/ Sponsor Memo: Acronis Every client needs Cyber Protection. But that doesn't mean service providers have to deploy a jumbled patchwork of solutions to get it done. Modern protection starts with Acronis Cyber Protect Cloud. Acronis combines backup, anti-malware, endpoint protection, management and robust ransomware defense all from a single console. That's why successful MSPs use Acronis to generate more recurring revenue AND reduce churn. It's easy to get started at https://Acronis.com
Gavin Curtis, Head of IT at Town Legal LLP joins the show to discuss application integration and the importance of user expereince, cyber security and change management. View the show notes: https://cts.co.uk/hub/videos/podcast-gavin-curtis-town-legal-llp/“The first thing to do is understand the user, what the user wants to achieve, understand their work methodology, and what their workflow process is.” Intro (00:00)User Experience and Application Integration (01:05) Cyber Security (06:44) Change Management (09:38)Town Legal's plans for 2023 (10:52)
In this episode, Richard Tubb talks to James Slaby. James is the Director of Cyber Protection and Solutions Marketing at Acronis. This role sees him creating assets, identifying markets to expand into and delivering talks and webinars on all things cybersecurity. Acronis are a multinational tech company with a focus on cyber protection, cybersecurity and supporting MSPs and businesses to keep their data safe. This interview was recorded live at the CyberFit Summit in Miami, Florida, in November 2022.James and Richard talked about what cyber protection is, and why MSPs need to help their clients to understand that it's a continual process. James also explained the importance of cyber protection for cloud services.They discussed where MSPs and their clients are exposing themselves to attacks, why all businesses need disaster recovery, why MSPs should protect their clients against ransomware attacks, and how cybersecurity awareness training can help businesses.James also talked Richard through some of the Acronis products and why the solution is so easy to deploy. They looked at how the company has become a household name and how sports team-ups have helped – and how MSPs can do the same.Mentioned in This EpisodeHow to register for next year's CyberFit eventChannel Futures articleeBook: Assessing the Software Supply Chain Cybersecurity RiskAcronis CyberFit Sports Team-up
Learn from cyber intelligence experts about the impacts of cyber attacks and how to protect your business. Hosted on Acast. See acast.com/privacy for more information.
Cape Breton's Information Morning from CBC Radio Nova Scotia (Highlights)
The provincial Justice Department released its review of the cyberbullying act. Our legal columnist, Wayne MacKay takes a look at the recommendations.
There are two types of companies, those who have been attacked, and those who will be attacked. In this podcast, we look at a specific example of a fraud attack in the manufacturing sector. Joining Craig Jeffery on this podcast are Adrienne Terpak of TD Bank and Robert Dennerlein of Mainetti. They cover topics like assessing and understanding the threat, training, insurance, and assignment of roles.
Within the Shaped for Law podcast, we have started rolling out a new and different form of episodes. These engaging and insightful webinars dives deeper into a specific topic related to Legal Tech. In the first episode of this series within Shaped for Law, we are joined by Caroline Hill, Editor-in-Chief at Legal IT Insider and James Temple, COO at Seddons, who discusses digitisation, IT innovation, and IT vendors within the legal sector.View the show notes: https://hubs.ly/Q01f-9PF0“With a lot of firms, there is still a long way to go. They have loads of potential that is not being realised. People are overwhelmed with technology solutions and not getting to grips with them. There's lots of untapped potential where people could be using technology more to make themselves more efficient, but they are not.”Contact CTS today to find out how we can help your firm reach its full potential: https://hubs.ly/Q019X0Hk0
In the latest episode of #IMM, Christine speaks with Lou Covey, Editor for Cyber Protection Magazine
Our Pre-Sales Solutions Architect, Stacey McDonald, joins us in the second episode of The Brief, a series within the Shaped for Law podcast. In this episode, Stacey examines the current state of technology, as well as technologies we can expect to see in the near future.In addition to, he examines his role and why it is so important to both CTS and our clients. "Essentially what my role is supporting the commercial team with technical advice, and also supporting the delivery team and giving them them the information that was agreed with the client commercially. [...] I see myself as the glue between the commercial and the technical."Watch it on YouTube: https://youtu.be/Kf6UT6Pdy8I
Christian Toon, Chief Information Security Officer at Pinsent Masons joins the show to discusses security in the legal sector from the perspective of a CISO, including firms' response time to cyber-attacks, availability of funds, and the need for cyber leadership for the continued protection and survival of the firm. View the show notes: https://hubs.ly/Q01cj6vJ0"Security, as we are seeing now more than ever, especially from our clients, is becoming one of the single biggest things they want to talk to us about. So, why would you not have that elevated to the right level within your organisation?"
More and more, the Defense Department's weapons systems must be cyber resilient. Now there's a publicly available webinar for science and engineering people that outlines what DOD calls its Cyber Resilient Weapon Systems Body of Knowledge. The webinar takes an hour to get through. Melinda Reed is director for resilient systems, in the office of the Under Secretary of Defense for Research and Engineering. She talked with Tom Temin.
We are rolling out a new series within our Shaped for Law podcast called The Brief, where we focus on the people within a legal tech service provider. Short, sweet and loaded with insights. The first episode of this series features CTS' Head of Client Success, Fiona Hamilton. Fiona explores her role at CTS, including the importance of helping client reach their goals and the challenges that arose as a result of merging three businesses – CTS, CBS, and Sprout IT - during the pandemic. "We are doing a lot of end-user support for our clients. We are working, on occasion, with IT teams. So, ultimately, the goal there is to drive that excellence, to make sure that the user experience with us, the end-user or our users of clients' clients are seeing and experiencing IT as a facility or for their business."
Patrick Hurley is the Vice President of Global Speciality Support at Thomson Reuters and joins us to discuss a range of topics including digitisation within the legal industry, future strategy, what it is that lawyers want and cloud technology. View the show notes: https://hubs.ly/Q01b5Jft0“The other is the concept of open platforms and the ability to connect with a partner ecosystem, with your clients' clients. […] Just the systems talking to each other in an open and easy to configure manner, I think that's the way of the future.”
Scott Bozinis is the CEO of InfoTrack UK and joins us to chat about a range of topics including COVID-19 and its effects on the legal industry, the importance of IT vendors in the legal space and client expectations of law firms in this digital era. “Where we stand today, if you are a firm and you are not able to fully transact with your clients virtually, you are probably not going to get the referral business and you are probably not going to give your clients the experience that they are getting in every other industry. And we know what happens to the industries that don't sort of, you know, move on and digitise.”https://cts.co.uk/hub/blog/shaped-for-law-scott-bozinis
Cyber Security Matters, hosted by Dominic Vogel and Christian Redshaw
John Zanni is today's guest on the Cyber Security Matters podcast, hosted by Dominic Vogel and Christian Redshaw. John is the CEO of Acronis SCS, an American cyber protection and edge data security company exclusively dedicated to meeting the unique requirements of the US public sector. In this episode we will discuss: -The impact of ransomware on the public sector -Why the size of an organization doesn't matter when it comes to prioritizing cyber security -What is the answer for cyber challenges the public sector is facing? -What is the Cyber Protect Cloud solution? Want to connect with John? Here are a couple of ways that you can do exactly that: -Website: http://www.acronisscs.com/ -LinkedIn: @johnzanni -Twitter: @jzanni_hosting
Mark Parr joins the show to discuss data, insights, lawyers, and collaboration on a global scale.He discusses how data may be maintained, reused, and analysed. He also emphasises why lawyers need to understand data and be able to reuse it for their clients' needs. “The journey we are going on is one to understand data we have, where it is, how we use it, manipulate it, store it, make it available. But also, how we can draw the insight from that, how we can learn from it, how we can find market trends. [...] And how we can make that data useful for our clients." https://cts.co.uk/hub/blog/shaped-for-law-mark-parr
Citizens School will accept cryptocurrency as a mode of payment, making it the first of its kind in the Middle East education sector to welcome digital currency payments for tuition fees. We speak to its founder, Dr. Adil Alzarooni. Plus, bonuses are back with a bang, but which sectors are faring better than others? We asked Aon's Ray Everett about what benefits employees across industries can expect for 2022. And we speak to the UK's former Deputy National Security Advisor, Paddy McGuinness about how cybercrime is escalating alongside the war in Ukraine - and what companies need to do to protect themselves. See omnystudio.com/listener for privacy information.
David Aird joins the show to discuss bringing your ‘whole self' to work, winning the war for talent and the security threats that keep him awake at night.He talks about the importance of diversity and how workplaces can benefit from being a safe and welcoming space for everyone. "Be yourself. If people are themselves, their best versions, then they are also going to bring their best to work.”
Weekly Show #1158 We know the Russians have been attacking us. I've talked a lot about it on the radio and TV over the last couple of weeks. So I am doing something special; we are going through the things you can do to stay safe from the latest Russian attacks. Last week, we started doing something I promised we would continue -- how can you protect yourself when it comes to the Russians? The Russians are the bad guys when it comes to bad guys. So there are a few things you can do. And there are a few things; frankly, you shouldn't be doing. And that's precisely what we're going to talk about right now. Today, I explain: - How to protect your back-end - Preventative measures - The new rules of backing up your computer As usual, we'll cover the What, Why, and How's. [Automated transcript follows] [00:00:39] So last week he went over some steps, some things that you can look at that you should look at that are going to help protect you. And we are going to go into this a whole lot more today. And so I want you to stick around and if you miss anything, you can go online. You can go to Craig peterson.com, make sure you sign up there for my email. [00:01:01] And what I'm going to do for you is. Send you a few different documents now where we can chat back and forth about it, but I can send you this. Now I'm recording this on video as well as on audio. So you can follow along if you're watching either on YouTube or. Over on rumble and you can find it also on my website. [00:01:26] I've been trying to post it up there too, but right now let's talk about what we call passive backend protections. So you've got the front end and the front end of course, is. Stuff coming at you, maybe to the firewall I've mentioned last week about customers of mine. I was just looking at a few customers this week, just so I could have an idea of their firewalls. [00:01:52] And they were getting about 10 attacks per minute. Yeah. And these were customers who have requirements from the department of defense because they are defense sub subcontractors. So again, Potential bad guys. So I looked up their IP addresses and where the attacks were coming from. Now, remember that doesn't mean where they originated because the bad guys can hop through multiple machines and then get onto your machine. [00:02:22] What it means is that all, ultimately they ended up. Coming from one machine, right? So there's an IP address of that machine. That's attacking my clients or are attacking my machines. That just happens all the time. A lot of scans, but some definite attacks where they're trying to log in using SSH. [00:02:42] And what I found is these were coming from Slovakia, Russia, and Iran. Kind of what you were expecting, right? The Iranians, they just haven't given up yet. They keep trying to attack, particularly our military in our industry. One of the things we found out this week from, again, this was an FBI notice is that the Russians have been going after our industrial base. [00:03:09] And that includes, in fact, it's more specifically our automobile manufacturers we've already got problems, right? Try buying a new car, try buying parts. I was with my friend, just this. I helped them because he had his car right. Need to get picked up. So I took him over to pick up his car and we chatted a little bit with this small independent automotive repair shop. [00:03:34] And they were telling us that they're getting sometimes six, eight week delays on getting parts and some parts. They just can't. So they're going to everything from junkyards on out, and the worst parts are the parts, the official parts from the car manufacturers. So what's been happening is Russia apparently has been hacking into these various automobile manufacturers and automobile parts manufacturers. [00:04:03] And once they're inside, they've been putting in. A remote control button net. And those botnets now have the ability to wake up when they want them to wake up. And then once they've woken up, what do they do? Who knows? They've been busy erasing machines causing nothing, but having they've been doing all kinds of stuff in the past today, they're sitting there. [00:04:24] Which makes you think they're waiting, it's accumulate as much as you possibly can. And then once you've got it all accumulated go ahead and attack. So they could control thousands of machines, but they're not just in the U S it's automobile manufacturers in Japan. That we found out about. [00:04:44] So that's what they're doing right now. So you've got the kind of that front end and back end protections. So we're going to talk a little bit about the back end. What does that mean? When a cybersecurity guy talks about the backend and the protections. I got it up on my green right now, but here's the things you can do. [00:05:03] Okay. Remember, small businesses are just getting nailed from these guys, because again, they're fairly easy targets. One change your passwords, right? How many times do we have to say that? And yet about 70% of businesses out there are not using a good password methodology. If you want more information on passwords, two factor authentication, you name it. [00:05:30] Just email me M e@craigpeterson.com. I want to get the information out now. You got to make sure that all of the passwords on your systems are encrypted are stored in some sort of a good password vault as you really should be looking at 256 bit encryption or better. I have a vendor of. That I use. So if you get my emails every week, when them, there's the little training. [00:05:59] And so I'll give you a five minute training. It's written usually it's in bullet point for, I'm just trying to help you understand things. That provider of mine has a big database and there's another provider that I use that is for. So the training guys use the database of my provider. [00:06:20] In using that database, they're storing the passwords and the training providers putting passwords in the clinics. Into the database, which is absolutely crazy. So again, if you're a business, if you're storing any sort of personal information, particularly passwords, make sure that you're using good encryption and your S what's called salting the hash, which means. [00:06:46] You're not really storing the password, just joining assaulted hash. I can send you more on this. If you are a business and you're developing software that's, this is long tail stuff here. Configure all of the security password settings so that if someone's trying to log in and is failing that, and you block it, many of us that let's say you're a small business. [00:07:08] I see this all of the time. Okay. You're not to blame. You, but you have a firewall that came from the cable company. Maybe you bought it at a big box retailer. Maybe you bought it online over at Amazon, as hurricane really great for you. Has it got settings on there that lets you say. There's 20 attempts to log in. [00:07:31] Maybe we should stop them. Now, what we do personally for our customers is typically we'll block them at somewhere around three or four failed attempts and then their passwords block. Now you can configure that sort of thing. If you're using. Email. And that's an important thing to do. Let me tell you, because we've had some huge breaches due to email, like Microsoft email and passwords and people logging in and stealing stuff. [00:07:59] It was just a total nightmare for the entire industry last year, but limit the number of login retries as well as you're in there. These excessive login attempts or whatever you want to define it as needs to lock the account. And what that means is even if they have the right password, they can't get in and you have to use an administrative password in order to get in. [00:08:25] You also want to, what's called throttle, the rate of repeated logins. Now you might've gotten caught on this, right? You went to your bank, you went to E-bay, you went to any of these places and all of a sudden. And denied you write it blocked you. That can happen when your account is on these hackers lists. [00:08:45] You remember last week we talked about password spraying while that's a very big deal and hackers are doing the sprain trick all of the time, and that is causing you to get locked out of your own account. So if you do get locked out, remember it might be because someone's trying to break. Obviously you have to enforce the policies. [00:09:09] The capture is a very good thing. Again, this is more for software developer. We always recommend that you use multifactor or two factor authentication. Okay. Do not use your SMS, your text messages for that, where they'll send you a text message to verify who you are. If you can avoid that, you're much better off. [00:09:30] Cause there's some easy ways to get around that for hackers that are determined. Okay. A multi-factor again, installed an intrusion. system. We put right at the network edge and between workstations and servers, even inside the network, we put detection systems that look for intrusion attempts and block intrusion attempts. [00:09:56] A very important use denied lists to block known attackers. We build them automatically. We use some of the higher end Cisco gates. Cisco is a big network provider. They have some of the best hardware and software out there, and you have to subscribe to a lot of people complain. I ain't going to just go buy a firewall for 200 bucks on Amazon. [00:10:18] Why would I pay that much a month just to to have a Cisco firewall? And it's like praying pain for the brand. I've got by logo chert on here. Oh, I wouldn't pay for that. No, it's because they are automatically providing block lists that are updated by the minute sometimes. And then make sure you've got an incident response plan in place. [00:10:44] What are you going to do when they come for you? What are you going to do? Bad boys. Bad. Stick around. We've got a lot more to talk about here as we go. I am explaining the hacks that are going on right now and what you can do as a business and an individual doubt. Protect yourself. Don't go anywhere. [00:11:07] Now we're going to talk about prevention. What can you do an order to stop some of these attacks that are coming from Russia and from other countries, it is huge. People. Believe me, this is a very big problem. And I'm here to help. [00:11:23] hi, I'm Craig Peter Sohn, your chief information security officer. We've reviewed a number of things that are important when it comes to your cyber security and your protection. [00:11:37] We talked about the front end. We talked about the backend. Now we're going to talk about pure prevention and if you're watching. Online. You'll be able to see my slides as they come up, as we talk about some of this stuff and you'll find me on YouTube and you'll also find me on rumble, a fairly new platform out there platform that doesn't censor you for the things you say. [00:12:01] Okay. So here we go. First of all, enabling your active directory password protection is going to. Four's password protection all the way through your business. Now I've had some discussions with people over the months, over the years about this whole thing and what should be done, what can be done, what cannot be done. [00:12:26] Hey, it's a very big deal when it comes to password protection and actor directory, believe it or not, even though it's a Microsoft product is pretty darn good at a few things. One of them is. Controlling all the machines and the devices. One of the things we do is we use an MDM or what used to be a mobile device manager called mass 360. [00:12:51] It's available from IBM. We have a special version of that allows us as a managed security services provider to be able to control everything on people's machines. Active directory is something you should seriously consider. If you are a Mac based shop. Like I am. In fact, I'm sitting right now in front of two max that I'm using right now, you'll find that active directory is a little bit iffy. [00:13:21] Sometimes for max, there are some work around and it's gotten better mastery. 60 is absolutely the way to go, but make sure you've got really good. Passwords and the types of passwords that are most prone to sprain the attacks are the ones you should be banning specifically. Remember the website? Have I been poned? [00:13:45] Yeah. It's something that you should go to pretty frequently. And again, if you miss anything today, just email me M e@craigpeterson.com. Believe me, I am not going to harass you at all. Okay. Now, the next thing that you should be doing is what's called red team blue team. Now the red team is a group of people, usually outside of your organization. [00:14:11] If you're a big company they're probably inside, but the red team is the team that attacks you. They're white hat hackers, who are attacking you, looking for vulnerabilities, looking for things that you should or shouldn't be doing. And then the blue team is the side that's trying to defend. So think of, like war games. [00:14:29] Remember that movie with Matthew Broderick all of those decades ago and how the, he was trying to defend that computer was trying to defend that it moved into an attack mode, right? Red team's attack, blue team is defend. So you want. To conduct simulated attacks. Now w conducting these attacks include saying, oh my let's now put in place and execute our plan here for what are we going to do once we have a. [00:15:01] And you darn well better have a breach plan in place. So that's one of the things that we help as a fractional chief information security officer for companies, right? You've got to get that in place and you have to conduct these simulated attacks and you have to do penetration testing, including password spraying attacks. [00:15:21] There's so many things you can do. The one of the things that we like to do and that you might want to do, whether you're a home user, retiree or a business is go and look online, you can just use Google. I use far more advanced tools, but you can use Google and look for your email address right there. [00:15:40] Look for the names of people inside your organization. And then say wait a minute, does that data actually need to be there? Or am I really exposing the company exposing people's information that shouldn't be out there because you remember the hackers. One of the things they do is they fish you fish as in pH. [00:16:04] So they'll send you an email that looks like. Hey let me see. I know that Mary is the CFO, and I know that Joe's going to be out of town for two weeks in The Bahamas, not a touch. So while he's got. I'm going to send an email to Mary, to get her to do something, to transfer the company's funds to me. [00:16:23] Okay. So that's what that's all about. You've got to make sure, where is our information? And if you go to my company's page, mainstream.net, you'll see on there that I don't list any of the officers or any of the people that are in the company, because that again is a security problem. [00:16:41] We're letting them know. I go to some of these sites, like professional sites lawyers, doctors, countenance, and I find right there all, are there people right there top people or sometimes all of them. And then we'll say, yeah, I went to McGill university, went to Harvard, whatever my B. It's all there. So now they've got great information to fish you, to fish that company, because all they have to do is send an email to say, Hey, you remember me? [00:17:13] We're in Harvard when this class together. And did you have as a professor to see how that works? Okay. You also want to make. That you implement, what's called a passwordless user agent, and this is just so solely effective. If they cannot get into your count, what's going to, what could possibly go wrong, but one of the ways to not allow them into the count is to use. [00:17:41] Biometrics. We use something called duo and we have that tied into the single sign-on and the duo single sign-on works great because what it does now is I put in, I go to a site, I put it into my username and. Pulls up a special splash page that is running on one of our servers. That again asks me for my duo username. [00:18:04] So I've got my username for the site then to my dual username and my duo password single sign on. And then it sends me. To an app on my smart device, a request saying, Hey, are you trying to log into Microsoft? And w whatever it might be at Microsoft, and you can say yes or no, and it uses biometric. [00:18:27] So those biometrics now are great because it says, oh, okay, I need a face ID or I need a thumb print, whatever it might be that allows a generalized, a password, less access. Okay. Password less. Meaning no pass. So those are some of the top things you can do when it comes to prevention. And if you use those, they're never going to be able to get at your data because it's something you have along with something, it works great. [00:19:02] And we like to do this. Some customers. I don't like to go through those hoops of the single sign-on and using duo and making that all work right where we're fine with it. We've got to keep ourselves, at least as secure as the DOD regulations require unlike almost anybody else in industry, I'm not going to brag about it. [00:19:26] But some of our clients don't like to meet the tightest of controls. And so sometimes they don't. I hate to say that, but they just don't and it's a fine line between. Getting your work done and being secure, but I think there's some compromises it can be readily made. We're going to talk next about saving your data from ransomware and the newest ransomware. [00:19:53] We're going to talk about the third generation. That's out there right now. Ransomware, it's getting crazy. Let me tell ya and what it's doing to us and what you can do. What is a good backup that has changed over the last 12 months? It's changed a lot. I used to preach 3, 2, 1. There's a new sheriff in town. [00:20:15] Stick around Craig peterson.com. [00:20:19] 3, 2, 1 that used to be the standard, the gold standard for backing up. It is no longer the case with now the third generation of ransomware. You should be doing something even better. And we'll talk about it now. [00:20:36] We're doing this as a simulcast here. It's on YouTube. It is also on rumble. [00:20:43] It's on my website@craigpeterson.com because we're going through the things that you can do, particularly if you're a business. To stop the Russian invasion because as we've been warned again and again, the Russians are after us and our data. So if you missed part of what we're talking about today, or. [00:21:07] Last week show, make sure you send me an email. me@craigpeterson.com. This is the information you need. If you are responsible in any way for computers, that means in your home, right? Certainly in businesses, because what I'm trying to do is help and save those small businesses that just can't afford to have full-time. [00:21:31] True cyber security personnel on site. So that's what the whole fractional chief information security officer thing is about. Because you just, you can't possibly afford it. And believe me, that guy that comes in to fix your computers is no cyber security expert. These people that are attacking our full time cybersecurity experts in the coming from every country in the world, including the coming from the us. [00:22:01] We just had more arrests last week. So let's talk about ransomware correctly. Ransomware, very big problem. Been around a long time. The first version of ransomware was software got onto your computer through some mechanism, and then you had that red screen. We've all seen that red screen and it says, Hey, pay up buddy. [00:22:23] It says here you need to send so many Bitcoin or a fraction of a Bitcoin or so many dollars worth of Bitcoin. To this Bitcoin wallet. And if you need any help, you can send email here or do a live chat. They're very sophisticated. We should talk about it some more. At some point that was one generation. [00:22:45] One generation two was not everybody was paying the ransoms. So what did they do at that point? They said let me see if they, we can ransom the data by encrypting it and having them pay us to get it back. 50% of the time issue got all your data back. Okay. Not very often. Not often enough that's for sure. [00:23:05] Or what we could do is let's steal some of their intellectual property. Let's steal some of their data, their social security number, their bank, account numbers, et cetera. They're in a, in an Excel spreadsheet on their company. And then we'll, if they don't pay that first ransom, we'll tell them if they don't pay up, we'll release their information. [00:23:26] Sometimes you'll pay that first ransom and then they will hold you ransom a second time, pretending to be a different group of cyber terrorists. Okay. Number three, round three is what we're seeing right now. And this is what's coming from Russia, nears, everything we can tell. And that is. They are erasing our machines. [00:23:48] Totally erasing them are pretty sophisticated ways of erasing it as well, so that it sinks in really, it's impossible to recover. It's sophisticated in that it, it doesn't delete some key registry entries until right at the very end and then reboots and computer. And of course, there's. Computer left to reboot, right? [00:24:11] It's lost everything off of that hard drive or SSD, whatever your boot devices. So let's talk about the best ways here to do some of this backup and saving your data from ransomware. Now you need to use offsite disconnected. Backups, no question about it. So let's talk about what's been happening. [00:24:34] Hospitals, businesses, police departments, schools, they've all been hit, right? And these ransomware attacks are usually started by a person. I'll link in an email. Now this is a poison link. Most of the time, it used to be a little bit more where it was a word document, an Excel document that had something nasty inside Microsoft, as I've said, many times has truly pulled up their socks. [00:25:02] Okay. So it doesn't happen as much as it used to. Plus with malware defender turned on in your windows operating system. You're going to be a little bit safer next step. A program tries to run. Okay. And it effectively denies access to all of that data. Because it's encrypted it. And then usually what it does so that your computer still works. [00:25:26] Is it encrypts all of you, like your word docs, your Excel docs, your databases, right? Oh, the stuff that matters. And once they've got all of that encrypted, you can't really access it. Yeah. The files there, but it looks like trash now. There's new disturbing trends. It has really developed over the last few months. [00:25:48] So in addition to encrypting your PC, it can now encrypt an entire network and all mounted drives, even drives that are marrying cloud services. Remember this, everybody, this is really a big deal because what will happen here is if you have let's say you've got an old driver G drive or some drive mounted off of your network. [00:26:14] You have access to it from your computer, right? Yeah. You click on that drive. And now you're in there and in the windows side Unix and max are a little different, but the same general idea you have access to you have right. Access to it. So what they'll do is any mounted drive, like those network drives is going to get encrypted, but the same thing is true. [00:26:36] If you are attaching a U S B drive to your company, So that USB drive, now that has your backup on it gets encrypted. So if your network is being used to back up, and if you have a thumb drive a USB drive, it's not really a thumb drive, right? There's external drive, but countered by USP hooked up. [00:27:02] And that's where your backup lives. Your. Because you have lost it. And there have been some pieces of software that have done that for awhile. Yeah. When they can encrypt your network drive, it is really going after all whole bunch of people, because everyone that's using that network drive is now effective, and it is absolutely. [00:27:27] Devastating. So the best way to do this is you. Obviously you do a bit of a local backup. We will usually put a server at the client's site that is used as a backup destiny. Okay. So that servers, the destination, all of the stuff gets backed up there. It's encrypted. It's not on the network per se. It's using a special encrypted protocol between each machine and the backup server. And then that backup servers data gets pushed off site. Some of our clients, we even go so far as to push it. To a tape drive, which is really important too, because now you have something physical that is by the way, encrypted that cannot be accessed by the attacker. [00:28:20] It's offsite. So we have our own data center. The, we run the, we manage the no one else has access to it is ours. And we push all of those backups offsite to our data center, which gives us another advantage. If a machine crashes badly, right? The hard disk fails heaven forbid they get ransomware. We've never had that happen to one of our clients. [00:28:46] Just we've had it happen prior to them becoming clients, is that we can now restore. That machine either virtually in the cloud, or we can restore it right onto a piece of hardware and have them up and running in four hours. It can really be that fast, but it's obviously more expensive than in some. [00:29:08] Are looking to pay. All right, stick around. We've got more to talk about when we come back and what are the Russians doing? How can you protect your small business? If you're a one, man, one woman operation, believe it. You've got to do this as well. Or you could lose everything. In fact, I think our small guys have even more to lose Craig peterson.com. [00:29:32] Backups are important. And we're going to talk about the different types of backups right now, what you should be doing, whether you're a one person, little business, or you are a, multi-national obviously a scale matters. [00:29:47] Protecting your data is one of the most important things you can possibly do. [00:29:53] I have clients who had their entire operating account emptied out, completely emptied. It's just amazing. I've had people pay. A lot of money to hackers to try and get data back. And I go back to this one lady over in Eastern Europe who built a company out of $45 million. By herself. And of course you probably heard about the shark tank people, right? [00:30:23] Barbara Cochran, how she almost lost $400,000 to a hacker. In fact, the money was on its way when she noticed what was going on and was able to stop it. So thank goodness she was able to stop it. But she was aware of these problems was looking for the potential and was able to catch it. How many of us are paying that much attention? [00:30:50] And now one of the things you can do that will usually kind of protect you from some of the worst outcomes. And when it comes to ransomware is to backup. And I know everybody says, yeah, I'm backing up. It's really rare. When we go in and we find a company has been backing up properly, it even happens to us sometimes. [00:31:15] We put them back up regimen in place and things seem to be going well, but then when you need the backup, oh my gosh, we just had this happen a couple of weeks ago. Actually this last week, this is what happened. We have. Something called an FMC, which is a controller from Cisco that actually controls firewalls in our customer's locations. [00:31:42] This is a big machine. It monitors stuff. It's tied into this ice server, which is. Looking for nastiness and we're bad guys trying to break in, right? It's intrusion detection and prevention and tying it into this massive network of a billion data points a day that Cisco manages. Okay. It's absolutely huge. [00:32:05] And we're running it in a virtual machine network. So we. Two big blade. Chassies full of blades and blades are each blade is a computer. So it has multiple CPU's and has a whole bunch of memory. It also has in there storage and we're using something that VMware calls visa. So it's a little virtual storage area network. [00:32:32] That's located inside this chassis and there are multiple copies of everything. So if a storage unit fails, you're still, okay. Everything stays up, it keeps running. And we have it set up so that there's redundancy on pond redundancy. One of the redundancies was to back it up to a file server that we have that's running ZFS, which is phenomenal. [00:32:56] Let me tell you, it is the best file system out there I've never ever had a problem with it. It's just crazy. I can send you more information. If you ever interested, just email me@craigpeterson.com. Anytime. Be glad to send you the open source information, whatever you need. But what had happened is. [00:33:13] Somehow the boot disk of that FMC, that, that firewall controller had been corrupted. So we thought, oh, okay, no problem. Let's look at our backups. Yeah, hadn't backed up since October, 2019. Yeah, and we didn't know it had been silently failing. Obviously we're putting stuff in place to stop that from ever happening again. [00:33:43] So we are monitoring the backups, the, that network. Of desks that was making up that storage area network that had the redundancy failed because the machine itself, somehow corrupted its file system, ext four file system right then are supposed to be corruptible, but the journal was messed up and it was man, what a headache. [00:34:07] And so they thought, okay, you're going to have to re-install. And we were sitting there saying, oh, you're kidding me. Reinstalling this FMC controller means we've got to configure our clients, firewalls that are being controlled from this FMC, all of their networks, all of their devices. We had to put it out. [00:34:23] This is going to take a couple of weeks. So because I've been doing this for so long. I was able to boot up an optics desk and Mount the file system and go in manually underneath the whole FMC, this whole firewall controller and make repairs to it. Got it repaired, and then got it back online. So thank goodness for that. [00:34:49] It happens to the best of us, but I have to say I have never had a new client where they had good backups. Ever. Okay. That, and now that should tell you something. So if you are a business, a small business, whatever it might be, check your backups, double check them. Now, when we're running backups, we do a couple of things. [00:35:14] We go ahead and make sure the backup is good. So remember I mentioned that we have. Backup server that sits onsite. Usually it depends on the size of the client. But sits onsite at the client's site. So it will perform the backup and then tries to actual restore of that backup to make sure it's good. [00:35:35] And we can even. Client, depending on what they want. So a higher level, if a machine goes down, let's say it catches fire, or disk explodes in it, or completely fails. We can actually bring that machine online inside our backup server or the customer. Yeah, how's that for fancy and bring it back online in just a matter of minutes instead of days or weeks. [00:36:04] So that's true too. If that machine had been a ransom had this data, you raised whatever might've happened to it. We can restore it now. We've never had to knock on wood, except when there was a physical problem with the machine and as. Starting from scratching it, that machine, the new machine online in four hours or less. [00:36:28] And it's really cool the way it works. If you like this stuff, man, it is great. Okay. Protecting your data. I'm rambling a little bit here. You need an archival service there's companies out there like iron mountain, you can at your local bank, depending on the bank. It ain't like it used to be, get a box, right? [00:36:50] A special box in the vault that you. The tapes and other things in nowadays there's cloud options, virtual tape backup options, which is a lot of what we use and we do. Okay. We also use straight cloud at the very bottom end again. It's not located on the network. It's up in the cloud. It's double encrypted. [00:37:13] It's absolutely the way to do now if you're going to have a backup and if that backup, you want to be secure, it must not be accessible. To the attacker, you've got to put some literal air space between your backups and the cyber criminals. It's called an air gap. So there's no way for them to get to it. [00:37:37] Okay. Now I want you to consider seriously using tape these a LTO. These linear tape drives. They've been around for a long time, but their cartridges you can pull in and out. And they're huge. They they're physically small, but they can hold terabytes worth of data. They're absolutely amazing. There's some great disk based backup systems as what we do. [00:38:02] Some of them are been around a long time and they can be quite reasonably. Price. All right. So it's something for you to consider, but you've got to have at least that air gap in order to make sure that you're going to be protected. What should you be looking for in a backup system? This is called 3, 2, 2 1, which means maintain at least three copies of your data store the backups on two different meters. [00:38:31] Store at least one of the copies at an offsite location store, at least one of the copies offline, and be sure to have verified backups without air. Okay. Does that sound a little complicated? 3, 2, 1, 1 0 is what it's called. Just to be 3, 2, 1. Now it's 3, 2, 1, 1 0. I can send you Karen put together a special report on this based on our research. [00:38:57] And I can share that with you. Absolutely free. Hey guys, if you want it, you got it. But you got to ask me, just email me M e@craigpeterson.com. This is absolutely essential. If you're a small business, a tiny business to do it this way. Let me tell you, okay, this is just huge. Physical backups should be stored off site. [00:39:19] I mentioned the bank fault. A lot of people just go ahead and take them home with. That might be a desk. It might be a tape. It can be a little bit complicated to do. And I've picked up customers that thought they were backing up. They were using a USB drive. They were putting it in due to flee every Monday. [00:39:41] And then every Wednesday, what happened? Every Wednesday they bring in Wednesdays desk and then they bring that disc home and then Thursday, they bring in the Thursday disc. And none of them had been working. Okay. So be very careful. All of your backups should be encrypted. We encrypted at the customer site and then we reencrypt it when we bring it over to us. [00:40:06] Okay. Keys are essential. Particularly if you're using a cloud-based backup, don't use the same keys across multiple backups. Very important there. You should have some good procedures that are well-documented test, test your restores because very frequently. We find they don't work. In fact, that's the number one problem, right? [00:40:30] If they had just tried to restore, even once from their backup, they would've known they had problems. And get those backups scheduled on a regular schedule. Okay. So there's a lot more offline backups and more that we can talk about another time, but this is important. If you want any help, send me an email, just put backups in the subject line. [00:40:55] I'll send you some stuff. Email me, M e@craigpeterson.com. Now I am more than glad to help. Pretty much anybody out there. I'm not going to help. What about blah, blah, Amir Putin. But anybody else I'll help, but you got to reach out. Okay. You listen here. And I know some of this stuff is over some of our heads, some of your heads, you're the best and brightest. [00:41:20] That's why you're listening and I'll help you out. I'll send you some information. That's going to get you on the right track. Me M e@craigpeterson.com. That's Craig Peterson, S O N have a great day. [00:41:35] We just got an email this week from a customer and they're saying, oh no, my email has been hacked. What does that mean was a really hacked, we're going to talk right now about email spoofing, which is a very big deal. [00:41:51] Emails spoofing is being a problem for a long time, really? Since the 1970s. I remember when I got my first spoofed email back in the eighties and they was really a little bit confusing. [00:42:05] I went into it more detail, of course, being a very technical kind of guy and looked behind the curtains, figured out what was going on. Just shook my head. I marveled at some people. Why would you do this sort of thing? The whole idea behind email spoofing is for you to receive an email, looks like it's from someone that it's not now, you've all seen examples of this. [00:42:30] Everybody has. And those emails that are supposedly from the bank, or maybe from Amazon or some other type of business or family friend, this is part of what we call social engineering, where the bad guys are using a little bit about what they know about you, or maybe another person in order to. Frankly, fool you. [00:42:54] That's what spoofing really is. There were a lot of email accounts that were hacked over the last what, 30, 40 years. And you might remember this people sending out an email saying, oh, my account got hacked because you just got emails. Back in the day, what people were trying to do is break into people's email accounts and then the bad guys after having broken in now knew everybody that was in the contact list from the account that was just broken into. [00:43:29] Now they know, Hey, listen, this person sends an email. Maybe I can just pretend I'm them. Days it, the same thing still happens. But now typically what you're seeing is a more directed attack. So a person might even look in that email account that they've broken into and poke around a little bit and find out, oh, okay. [00:43:52] So this person's account I just broken to is a purchasing manager at a big. So then they take the next step or maybe this tab after that and try and figure out. Okay, so now what do I do? Oh, okay. So really what I can do now is send fake purchase orders or send fake requests for money. I've seen in the past with clients that we've picked up because the email was acting strangely where a bad guy went ahead, found. [00:44:25] Invoices that have been sent out by the purchasing person and the send the invoices out and changed the pay to information on the invoice. So they took the PDFs that they found on the file server of the invoices went in and changed them, change the account that they wanted, the funds ACH into. And once they had that happen, they just sent the invoice out again saying overdue. [00:44:54] Off goes in the email and the company receives it and says, oh okay, I need to pay this invoice. Now. Sometimes it marked them overdue. Sometimes they didn't mark them overdue. I've seen both cases and now the money gets sent off and that invoice gets paid and then gets paid to the wrong person. [00:45:13] Or maybe they go ahead and they don't send the invoice out, but they just send a little notification saying, Hey, our account has changed. Make sure you. Direct all future payments to this account. Instead. Now you might be thinking wait a second here. Now they send this email out. It's going to go into a bank account. [00:45:33] I can recover the money while no, you can't. Because what they're doing is they are using mules. Now you've heard of meals before. He might've even seen that recent Clint Eastwood movie. I think it was called. But typically when we think of mules, as people we're thinking about people who are running drugs well, in this case, the bad guys use mules in order to move money around. [00:45:59] And now sometimes the people know what they're doing. The FBI has had some really great arrests of some people who were doing this, particularly out in California, some of them cleaned. Yeah. I didn't know what was happening. It was just somebody, asked me to send money. It's like the Nigerian scam where the Nigeria in the Nigerian scam, they say, Hey I'm, I'm Nigerian prince, you've heard of these things before. And I need to get my money out of the country. I need to place to put them. And so if you have a us account, I'm going to transfer money into it. You can keep a thousand dollars of that 5,000 and I'm going to wire in just as a fee. Thanks for doing this. I, this is so important and it's such a hurry and I'm going to send you the. [00:46:46] What they'll often do is send you a money order. It couldn't be a bank check, could be a lot of things, and then you go ahead and you cash it and oh, okay. Or cash just fine. And then you wire the $4,000 off to the bad guy. The bad guy gets the money and is off. Running in the meantime, your bank is trying to clear that bank check or that money order. [00:47:14] And they find out that there is no money there because frankly what might've happened? I, this is one I've seen, I'm telling you about a story w we helped to solve this problem, but I had taken out a real money order from a bank, and then they made copies of it. Basically, they just forged it. And so they forged a hundred copies of it. [00:47:36] So people thought they were getting a legitimate money order. And in some cases, the banks where the money order was, you mean deposited, did conf confirm it? They called up the source bank. Oh yeah. Yeah. That's a legit money order and then they all hit within a week or two. And now the, you are left holding the bag. [00:47:58] So that's one thing that happens. But typically with these mules, the money comes to them in that account. They are supposed to then take that money and put it in their PayPal account and send it off to the next. And it might try jump to through two or three different people, and then it ends up overseas and the bad guys have gotten so good at this and have the cooperation of some small countries, sometimes bigger countries that they actually own. [00:48:30] The bank overseas of the money ultimately gets transferred into. And of course there's no way to get the money back. It's a real. So with spoofing, they're trying to trick you into believing the emails from someone that you know, or someone that you can trust. Or as I said, maybe a business partner of some sort in most cases, it's some sort of a colleague, a vendor or a trusted brand. [00:48:58] And so they exploit the trust that you have, and they ask you to do something or divulge information. They'll try and get you to do something. So there's more complexity tax. Like the ones that I just explained here that are going after financial employees, there might be some, an accountant, a bookkeeper, or bill payer and receivables payables. [00:49:24] I've seen CFO attacks, but the really the spoofed email message looks legitimate on the surface. They'll use the legitimate logo of the company that they're trying to pretend that they're from. For instance, PayPal. Phishing attack. They have a spoofed email sender and typical email clients like you might be using for instance, on Microsoft outlook. [00:49:48] The sender address is shown on the message, but most of the time nowadays the mail clients hide the actual email address, or if you just glance at it, it looks legit. You've seen those before these forged email headers. Yeah, it gets to be a problem. Now we use some software from Cisco that we buy. [00:50:13] You have to buy. I think it's a thousand licenses at a time, but there were some others out there, Cisco again, by far the best and this, the software. Receives the email. So before it even ends up in the exchange server or somewhere else online, that email then goes through that Cisco server. They are comparing it to billions of other emails that they've seen, including in real time emails that are. [00:50:41] Right now. And they'll look at the header of the email message. You can do that as well. With any email client, you can look at the header, Microsoft and outlook calls, it view source. But if you look at the email header, you'll see received. Headers that are in there. So say, receive colon from, and they'll give a name of a domain and then you'll see another received header and give another name of a machine. [00:51:08] And it'll include the IP address might be IVF IPV four of your six, and you can then follow it all the way through. So what'll happen is partway through. You'll see, it took a hop that is. Not legitimate. That's where it comes in. Nowadays, if you have an email address for your business, man, a domain, you need to be publishing what are called SPF records. [00:51:37] And those SPF records are looked at there compared to make sure that the email is properly signed and is from. The correct sender. There's a SPF records. There's a mother's too, that you should have in place, but you'll see that in the headers, if you're looking in the header. So it gets pretty complicated. [00:51:59] The SPF, which is the sender policy framework is a security protocol standard. It's been around now for almost a decade. It's working in conjunction with what are called domain based message, authentication, reporting, and conformance. Heather's D mark headers to stop malware and phishing attacks. And they are very good if you use them properly, but unfortunately when I look, I would say it's still 95% of emails that are being sent by businesses are not using this email spoofing and protection. [00:52:35] So have a look at that and I can send you a couple articles on it. If you're in trusted Craig Peter sohn.com. [00:52:46] So we've established that email spoofing happens. What are the stats to this? And how can you further protect yourself from email spoofing? Particularly if you're not the technical type controlling DNS records, that's what's up right. [00:53:02] Everybody Craig Peter sawn here, your cybersecurity strategist. And you're listening to news radio, w G a N a M five 60 and 98.5 FM. Join me on the morning. Drive Wednesday mornings at 7 34. Of course in the am. There's so much going on in the cybersecurity world. It affects all of us. Now, I think back to the good old days 40 years ago where we weren't worried about a lot of this stuff, spoofing, et cetera. [00:53:36] But what we're talking about right now is 3.1 billion domain spoof. Emails sent every day. That's a huge thing. More than 90% of cyber attacks. Start with an email message. Email spoofing and phishing have had a worldwide impact costing probably $26 billion over the last five years. A couple of years ago, the FBI, this is 2019. [00:54:07] Reported that about a house. A million cyber attacks were successful. 24% of them were email-based and the average scam tricked users out of $75,000. Yeah. So it's no wonder so many people are concerned about their email and whether or not those pieces of email are really a problem for them. And then anybody else. [00:54:34] So a common attack that uses spoofing is CEO fraud, also known as business, email compromise. So this is where the attacker is spoofing or modifying, pretending to be a certain person that they're not they're impersonating an executive or owner, maybe of a business. And it targets. People in the financial accounting or accounts payable departments or even the engineering department. [00:55:01] And that's what happened with one of our clients this week. They got a very interesting spoofed email. So even when you're smart and you're paying attention, you can be tricked the Canadian city treasurer. Tricked into transferring a hundred grand from taxpayer funds, Mattel tricked into sending 3 million to an accountant, China, a bank in Belgium, tricked into sending the attackers 70 million Euro. [00:55:31] It happens and I have seen it personally with many businesses out there. So how do you protect yourself from email? Spoofing now, even with email security in place, there's some malicious email messages that are still going to get through to the inboxes. Now we're able to stop better than 96% of them just based on our stats. [00:55:54] In fact, it's very rare that one gets through, but here are some things you can do and watch out for whether you're an employee responsible for financial decisions, or maybe you're someone who is. Personal email at work. Here's some tricks here. So get your pencil ready. Number one, never click links to access a web. [00:56:19] Where you're asked to log in, always type in the official URL into your browser and authenticate on the browser. In other words, if you get an email from your bank or someone else, and there's a link in there to click that says, Hey oh man, here's some real problems. You got to respond right away. [00:56:42] Don't do that go to paypal.com or your bank or your vendor's site, just type it into your browser, even though you can hover over the email link and see what it is. Sometimes it can be perfectly legitimate and yet it looks weird. For instance, when I send out my emails that people subscribe to that right there on Craig peterson.com, the links are going to come from the people that handle my email lists for me, because I send out thousands of emails at a time to people that have asked to get those emails. [00:57:22] So I use a service and the services taking those links, modifying them somewhat in fact dramatically. And using that to make sure the delivery happened, people are opening it and that I'm not bothering you. So you can unsubscribe next step. You can, if you want to dig in more, look at the email headers. [00:57:45] Now they're different for every email client. If you're using outlook, you have to select the email, basically in the left-hand side. Okay. You're going to control, click on that email and we'll come up and you'll see something that says view source. So in the outlook world, they hide it from you. [00:58:06] If you're using a Mac and Mac mail, all you have to do is go to up in the menu bar email and view, header and cut off. There it is. I have many times in the past just left that turned on. So I'm always seeing the headers that reminds me to keep a look at those headers. So if you look in the header, And if the email sender is let me put it this way. [00:58:31] If the person who is supposed to have sent it to you is doing headers proper, properly. You're going to see. A received SPF section of the headers and right in there, you can look for a pass or fail and response, and that'll tell you if it's legit. So in other words, let's use PayPal as an example, PayPal has these records that it publishes that say all of our emails are going to come from this server or that server of. [00:59:04] And I do the same thing for my domains and we do the same thing for our clients domains. So it's something that you can really count on if you're doing it right, that this section of the headers. And that's why I was talking about earlier. If you have an email that your sending out from your domain and you don't have those proper headers in it, there's no way. [00:59:31] To truly authenticate it. Now I go a step further and I use GPG in order to sign most of my emails. Now I don't do this for the trainings and other things, but direct personal emails from me will usually be cryptographically signed. So you can verify that it was me that sent it. Another thing you can do is copy and paste the text, the body of that email into a search engine. [01:00:03] Of course I recommend duck go in most cases. And the chances are that frankly they've sent it to multiple people. That's why I was saying our Cisco based email filter. That's what it does, it looks for common portions of the body for emails that are known to be bad, be suspicious of email from official sources like the IRS, they're not going to be sending you email out of the blue most places. Aren't obviously don't open attachments from people that you don't. Special suspicious ones, particularly people we'll send PDFs that are infected. It's been a real problem. They'll send of course word docs, Excel docs, et cetera, as well. [01:00:54] And the more. I have a sense of urgency or danger. That's a part of the email should really get your suspicions up, frankly, because suggesting something bad is going to happen. If you don't act quickly, that kind of gets around part of your brain and it's the fight or flight, right? Hey, I gotta take care of this. [01:01:17] I gotta take care of this right away. Ah, and maybe you. So those are the main things that you can pay attention to. In the emails, if you are a tech person, and you're trying to figure this out, how can I make the emails safer for our company? You can always drop me an email as well. Me, M e@craigpeterson.com. [01:01:43] I can send you to a couple of good sources. I'll have to put together a training as well on how to do this, but as individually. At least from my standpoint, a lot of this is common sense and unfortunately the bad guys have made it. So email is something we can no longer completely trust. Spoofing is a problem. [01:02:05] As I said, we just saw it again this week. Thank goodness. It was all caught and stopped. The account was not. It was just a spoofed email from an account outside the organization that was act Craig peterson.com. Stick around. [01:02:24] The value of crypto coins has been going down lately quite a bit across the board, not just Bitcoin, but the amount of crypto mining and crypto jacking going on. That hasn't gone down much at all. [01:02:48] hi, I'm Craig Peter Sohn, your cyber security strategist. And you're listening to news radio, w G a N a M five 60 and FM nine. Point five, you can join me on the morning drive every Wednesday morning at 7 34, Matt and I go over some of the latest in news. You know about crypto coins, at least a little bit, right? [01:03:15] These are the things like Bitcoin and others that are obstensively private, but in reality, aren't that private. If you receive coins and you spend coins, you are probably trackable. And if you can't spend that, the crypto currencies, why even bother getting it in the first place. One of the big drivers behind the price of these crypto currencies has been criminal activity. [01:03:48] We've talked about that before. Here's the problem we're seeing more and more nowadays, even though the price of Bitcoin might go down 30%, which it has, and it's gone down in bigger chunks before. It does not mean that the bad guys don't want more of it. And what better way to mine, cryptocurrency then to not have to pay for. [01:04:15] So the bad guys have been doing something called crypto jacking. This is where criminals are using really ransomware like tactics and poisoned website to get your computer, even your smartphone to mine, cryptocurrencies for. No mining, a Bitcoin can cost as much in electric bills that are in fact more in electric bills. [01:04:43] Then you get from the value of the Bitcoin itself. So it's expensive for them to run it. Some countries like China have said, no, you're not doing it anymore because they're using so much electricity here in the U S we've even got crypto mining companies that are buying. Old power plant coal-fired or otherwise, and are generating their own electricity there locally in order to be able to mine cryptocurrencies efficiently, effectively so that they can make some profit from it. [01:05:18] It's really quite the world out there. Some people have complained about their smartphone getting really hot. Their battery only lasts maybe an hour and it's supposed to last all day. Sometimes what's happened is your smartphone has been hijacked. It's been crypto jacked. So your smartphone, they're not designed to sit there and do heavy computing all day long. [01:05:45] Like a workstation is even your regular desktop computer. Probably isn't. To be able to handle day long mining that has to happen. In fact, the most efficient way to do crypto mining of course is using specialized hardware, but that costs them money. So why not just crypto Jack? All right. There are two primary ways. [01:06:09] Hackers have been getting victims, computers to secretly mine. Cryptocurrencies one is to trick them into loading. Crypto mining code onto their computers. So that's done through various types of fishing, light tactics. They get a legitimate looking email that tricks people into clicking on a link and the link runs code. [01:06:30] Now what's interesting is you don't, even for cryptocurrency crypto jacket, you don't even have to download a program in. To have your computer start mining cryptocurrencies for the bad guys. They can use your browser to run a crypto mining script. And it runs in the background. As you work right, using up electricity, using up the CPU on your computer. [01:06:58] They also will put it into ads. They'll put it on a website and your browser goes ahead and runs the code beautifully. So they're really trying to maximize their returns. That's the basics of crypto jacking what's been particularly bad lately has been the hackers breaking into cloud account. And then using those accounts to mine cryptocurrency, one of the trainings that I had on my Wednesday wisdoms has to do with password stuffing and my Wednesday wisdoms, you can get by just subscribing to my email over there@craigpeterson.com. [01:07:44] But what happens here is they find your email address. They find. Password on one of these hacks that is occurred on the dark web. You weren't on the dark web, but your username or email address and password are there on the dark web. And then they just try it. So a big site like Amazon, or maybe it was your IBM also has cloud services can be sitting there running along very well, having fun. [01:08:16] Life's good. And. Then they go ahead and try your email address and password to try and break in. Now, you know how I keep telling everybody use a good password manager and this week I actually changed my opinion on password managers. So you know, that I really like the password manager that you can get from one password.com. [01:08:44] It really is fantastic. Particularly for businesses, various types of enterprises, one password.com. However, where I have changed is that some of these browsers nowadays, particularly thinking about Firefox Google Chrome safari, if you're particularly, if you're on a Mac, all have built in password managers that are actually. [01:09:09] Good. Now they check. Have I been poned, which is a site I've talked to you guys about for years. To make sure that your accounts are reasonably safe than not being found on the dark web, the new password that it came up with or that you want to use. They check that as well. Make sure it's not in use. So here's an example here. [01:09:32] This is a guy by the name of Chris. He lives out in Seattle, Washington, and he makes mobile apps for local publishers. Just this year, new year's day, he got an alert from Amazon web services. Now Amazon web services, of course, cloud service. They've got some really nice stuff, starting with light ship and going up from there, I've used various services from them for well, since they started offering the services over very many years and. [01:10:04] They allow you to have a computer and you can get whatever size computer you want to, or fraction of a computer. You want to, he got this alert because it said that he owed more than $53,000 for a month's worth of hosts. Now his typical Amazon bill is between a hundred and 150 bucks a month. My typical Amazon bell is now 50 to maybe $80 a month. [01:10:34] I cannot imagine getting a $53,000 bill from our friends at Amazon. So the poor guy was just totally freaking out, which is a very big deal. So I'm looking at an article from insider that you can find a business insider.com. They were able to confirm that, yes, indeed. He got this $53,000 bill from Amazon and yes, indeed. [01:11:00] It looks like his account had been hacked by cryptocurrency miners. So these guys can run up just incredibly large charges for the raw computing power. They need to produce some of these digital cryptocurrencies, like Bitcoin there's many others out there. But this isn't new. This is happening all of the time. [01:11:23] Google reported late last year, that 86% of account breaches on its Google cloud platform were used to perform cryptocurrency mining. So make sure you are using a good password manager that generates good passwords. And I have a special report on passwords. You can download it immediately when you sign up for. [01:11:48] My email, my weekly email newsletter@craigpeterson.com and it tells you what to do, how to do it. What is a good password? What the thinking is because it's changed on passwords, but do that and use two factor authentication. Multi-factor authentication as well. And I talk about that in that special report too. [01:12:11] And visit me online. Sign up right now. Craig Peter sohn.com. [01:12:17] We're moving closer and closer to completely automated cars, but we want to talk right now about car hacks, because there was an interesting one this week that has to do with Tesla. And we'll talk about some of the other hacks on car. [01:12:33] Connected cars are coming our way in a very big way. [01:12:38] We just talked about the shutdown of two G and 3g in our cars. We, it wasn't really our cars, right? Two G 3g. That was for our cell phones. That was. Years ago course now for four GLTE 5g, even 10 G is being used in the labs. Right now. It's hard to think about some of those older technologies, but they were being used and they were being used by cars, primarily for the navigation features. [01:13:13] Some cars use these data links, if you will, that are really on the cell phone network in order to do remote things like remote start. For instance, I have a friend who's Subaru. Of course was using that. And now she's got to do an upgrade on her car because that 3g technology is going away depending on the carrier, by the way, some of it's going away sooner. [01:13:40] Some of it's going away later, but it'll all be gone at the end of 2020. What are we looking at? As we look into the future, I'm really concerned. I don't want to buy one of these new cars at the same time as I do, because they are cool, but I don't want to buy one of those because of the real problem that we could have of what well of having that car. [01:14:07] I need an upgrade and not been able to do it. I watched a video of a guy who took a Tesla that hadn't been damaged badly in a flood, and it was able to buy it for cheap. Why? Because Tesla will not sell you new motors and a new batteries for a car like that. So he got the car for cheap. He found a Chevy Camaro that had been wrecked, but its engine and transmission were just fine. [01:14:37] He ripped everything out of the Tesla and went ahead after that, cause you got to clean that out, and water damage. You spray wash all to the inside. He got right down to the aluminum, everything that wasn't part of the core aluminum chassis was gone. And then he built it back up again. He managed to keep all of those Tesla systems working, that, that screen that you have upfront that does the temperature control, cruise maps, everything out. [01:15:09] He kept that it was able to work. The, automated stuff, cruise control type stuff. And now he had a very hot car that looked like a Tesla. He took it out to SEMA, which is pretty cool. I'd love to see that, but it was a Tesla with a big V8 gasoline engine in it. He's done a, quite a good job on it. [01:15:33] It was quite amazing to see it took them months. It was him and some of his buddies. These new cars are even more connected than my friend Subaru is they get downloads from the. Some of them are using Wi-Fi and 5g. Really one of the big promises of 5g is, Hey, our cars can talk to each other because now you can get a millisecond delay in going from one car to another versus what you have today, which can be a half a second or more, which can be the difference between having a rear end collision and being able to stop in time when it comes to these automated system. [01:16:15] So they are more connected. They connect to the wifi in your homes. They connect to obviously the 5g network, which is where things are going right now. But what's happening with the hackers because really what we're talking about, isn't a computer on wheels. Oh no. Dozens of computers inside that car and your car has a network inside of it and has had for many years, this can bus network and even fancier ones nowadays that connect all of your systems together. [01:16:50] So your entertainment system, for instance, is connected to this network. And that was used. You might remember a couple of years ago on a Chrysler product where the bad guy installed. Or using the thumb drive onto that entertainment system and had a reporter drive that car down the road. This is all known. [01:17:13] It was all controlled. And was able to the bad guy right there, the demonstration in this case, I guess you'd call them a white hat hacker. He drove that car right off the road while the reporter was trying to steer otherwise because cars nowadays don't have a direct linkage between anything in any. [01:17:36] That's why I love my 1980 Mercedes TESOL. You turn the steering wheel. It isn't act
Exclusive Interview with Vice President of Acronis,Talking about the latest Cybersecurity risks and how acronis is working hard to secure them.DxTalks - The digital Leaders platform
Exclusive Interview with Vice President of Acronis,Talking about the latest Cybersecurity risks and how acronis is working hard to secure them.DxTalks - The digital Leaders platform
This week we learn how Vietnam Veterans of America and DAV are working together, meet with Minnesota National Guard’s 177th Cyber Protection Team and get an update from the MN Patriot Guard. Guests include: Bob Behrens – Vietnam Veterans of … Continue reading → The post Vietnam Veterans of America, DAV and the 177th Cyber Protection Team appeared first on Minnesota Military Radio.
People often talk about upskilling from a physical security role to becoming a cyber or converged security specialist. But what does that really mean? On this episode of the podcast, we speak with Shaun Southall, an operator that has expertly and effectively converged the two worlds of physical and cyber together as a working security specialist. Join us this week as we talk about: Shaun's asymmetric career journey into cyber security. How the ‘uninitiated,' physical security specialist can augment their skills. What steps to take and what to avoid when breaking into the field. The single biggest mindset shift that will determine your success. As we say here, knowledge is power and, in our industry, “what you don't know can hurt you.” So, tune in and get skilled up with our latest expert sharing his tricks of the trade and gems of experience! More about Shaun: Shaun is a Cyber Security Oversight Specialist for the Civil Aviation Authority, with almost twenty years of experience, a plethora of certifications, and an ambitious hashtag - #cisoby60! He holds a Level 6 diploma in Security Risk Management and an itch for formal self-improvement that has led to becoming an ISO 27001 Lead Implementer and gaining audit experience through voluntary work, before embarking on four ISACA certifications – CISM, CRISC, CDPSE and COBIT Foundation – in just four months. He is heavily influenced by Doug Hubbard, Alexei Sidorenko and Norman Marks and is driven to shift the mentality from ‘red amber green and five by fives' to a holistic appreciation of risk that considers the complexity of the threat landscape. Shaun is also a regular presenter at ASIS CPE events, promoting risk quantification and ‘debiasing the human', an active member of SIRA, FAIR and ISACA London Chapter, is a proud to be part of an organisation tasked with maintaining the safety and security of aviation in the UK. https://www.linkedin.com/in/shaunsouthall/ (Linkedin) More about the Circuit: The Circuit Magazine is written and produced by volunteers, most of who are operationally active, working full time in the security industry. The magazine is a product of their combined passion and desire to give something back to the industry. By subscribing to the magazine you are helping to keep it going into the future. https://circuit-magazine.com/read/ (Find out more >) If you liked this podcast, we have an accompanying weekly newsletter called 'On the Circuit' where we take a deeper dive into the wider industry. http://bit.ly/OntheCircuit (Opt in here >) The Circuit team is: Elijah Shaw Jon Moss Shaun West Phelim Rowe Connect with Us: https://circuit-magazine.com/ (Circuit Magazine) https://mailchi.mp/the-bba.org.uk/bba-connect (BBA Connect) https://www.theprotectorapp.com/ (NABA Protector) https://the-bba.org.uk/ (British Bodyguard Association)
נחשון פינקו מארח את אדיר בן-חמו מנהל מערכות המידע וסיסו של חברת פיברו ישראל בשיחה על בנייה ותפעול מערך הגנה רב מפעלי תחת ארגון גלובלי. איך רותמים את ההנהלה והעובדים ליצירת סביבה בטוחה בעידן הטרנספורמציה הדיגיטלית, ובהתמודדות היום יומית למול איומי סייבר בישראל 2021. Nachshon Pincu hosts Adir Ben-Hamo, Phibro Israel CIO and CISO, in a conversation about building and operating a multi-factory defense system under a global organization. How to recruit management and employees to cyber defense? How to create a safe environment in the digital transformation age and deal daily with cyber threats in Israel 2021?
Feel free to tackle only simple challenges, channel pros. Just don't expect to make much at it. Take it from this week's guest host, podcaster and industry analyst Dave Sobel, it's the hard stuff that produces big money. Dave, Matt, and Rich have plenty to say about that topic, as well as the news from Acronis's CyberFit Summit, and Dave has a few thoughts to share about Kaseya's efforts to harden its software against future breaches too. Then your three hosts are joined by interview guest Larry Walsh, of Channelnomics, for a can't-miss conversation about the meaning and importance of customer experience in managed services. It's a tough but essential thing for MSPs to master, but then you didn't expect this running an IT business stuff to be easy, did you? Subscribe to ChannelPro Weekly! iTunes: https://itunes.apple.com/us/podcast/channelpro-weekly-podcast/id1095568582?mt=2 Google Podcasts: https://podcasts.google.com/feed/aHR0cHM6Ly9jaGFubmVscHJvd2Vla2x5LmxpYnN5bi5jb20vcnNz?sa=X&ved=2ahUKEwjq-N3UvNHyAhVWPs0KHYdTDmkQ9sEGegQIARAF Spotify: https://open.spotify.com/show/7hWuOWbrIcwtrK6UJLSHvU Amazon Music: https://music.amazon.com/podcasts/a1d93194-a5f3-46d8-b625-abdc0ba032f1/ChannelPro-Weekly-Podcast More here: https://www.channelpronetwork.com/download/podcast/channelpro-weekly-podcast-episode-204-hard-stuff-makes-money Topics and Related Links Mentioned: Dave's Business of Tech Podcast - https://www.businessof.tech/ MSP Radio - https://www.mspradio.com/ Consolidating Vendors and Integrating Solutions Pays Off Big in Cyber Protection, Per Acronis Research - https://www.channelpronetwork.com/news/consolidating-vendors-and-integrating-solutions-pays-big-cyber-protection-acronis-research What's Now and Next from Acronis - https://www.channelpronetwork.com/slideshow/what-s-now-and-next-acronis 4 Thoughts on the Future of Technology and Security from Serguei Beloussov - https://www.channelpronetwork.com/slideshow/4-thoughts-future-technology-and-security-serguei-beloussov Kaseya Investing Millions More on Product Security - https://www.channelpronetwork.com/news/kaseya-investing-millions-more-product-security Dave's museum pick: Dragon's Lair Replicade - https://www.channelpronetwork.com/mgp Rich's ICYMI plug and quickie preview of the week ahead - https://www.channelpronetwork.com/tags/icymi
This week we speak with Nina Nguyen of Techchup IT on Agents and Owners Chit Chat with Cas Thompson. If you are an agent or owner visit www.Gladmash.com for immediate help with your business. ►► Weekly Newsletter and Social Media Tips for Agents & Ownershttps://socialmedia102.com - learn to get clients & customers to come to you►► The audio only version of this podcast is available herehttps://www.agentsandowners.com►► Follow the hosts and speakers hereCas ThompsonWebsite - https://www.casthompson.comInstagram - https://www.instagram.com/casthompsonFacebook - https://www.facebook.com/casthompsonTechChup IT Instagram - https://www.instagram.com/TechChupITFacebook - https://www.facebook.com/TechChupEmail podcast @ gladmash.com to get featured on our Podcast
Cyber Security continues to be top of the list of IT challenges most enterprises face. While our businesses continue to evolve in how we use technology, how we work, and how we consume data, so the threat continues to evolve. In the face of this challenge we need to think carefully about how we deliver our security strategy, these modern threats need a modern approach. Earlier this year, I was asked to present at an event hosted by Acronis, this event focussed on taking a new approach to security. The contents of that day stuck with me and I wanted to share with you some of the information from that event. To help me to do that is one of my co-presenters Acronis's Candid Wuest. Join us as we discuss. • What is Cyber Fit and Cyber Protection? • No single technology will protect you from everything • The holistic approach • Enjoy the SAPAS • Security is complex, but its management shouldn't be • Having a security business continuity plan • Some tips for getting cyber fit • A little more about the Acronis approach • The value of learning from vendors This is such a crucial topic in the enterprise and as we mentioned in summary, taking the opportunity to learn from leading vendors, can be extremely useful as you help build your cyber defences. More details and follow up information can be found in the show notes : https://wp.me/p4IvtA-1S7 Until next time, thanks for listening.
This week, the guys share simple tips that individuals and very small businesses can use to protect themselves and their data from cyber criminals, even without any technical background or experience! These are the basic cybersecurity measures that everyone should follow.Pick up your copy of Cyber Rants on Amazon.Looking to take your Cyber Security to the next level? Visit us at www.silentsector.com. Be sure to rate the podcast, leave us a review, and subscribe!
“Acronis True Image” has changed its name to “Acronis Cyber Protect Home Office”. Candid stopped by to tell us the difference between the new and the old versions. And why Acronis made the change as well as what else is new on this segment of “Your Moment In Tech”, enjoy! (acronis.com) And OBTW Anti Virus ='s Anti Malware. #ColoRadio #acronis # Malware #antivirus
08-18-2021 Tom Kelly
According to Security Magazine, a cyber attack happens every 11 seconds. Mick talks to Parasar Kodati about the integrations we are building out to protect our PowerScale and ECS platforms from these attacks.
Guest: Dean McCoubrey | Founder at MySocialLife Raising children these days comes with the added stress of ensuring your child is not exposed to the dark and ugly side of the world wide web. Teens and pre-teens have so much more to deal with than their parents could ever have imagined, which is why it's important to equip them with the tools they need to navigate their way around the online world. Dean McCoubrey, founder of My-Social-LIfe, a South African in-school Digital Life Skills Program teaching digital life skills program for schools highlights apps like TikTok which is popular among pre-teens and teenagers. See omnystudio.com/listener for privacy information.
Today we are joined by Doug Burke and Peter Mahoney from the Alliances Sales team to discuss Cyber Recovery with Dell Technologies Cloud PowerProtect for Multi-Cloud, powered by Faction. Tune in to discover how you can protect critical data whether it is hosted in the cloud or on-premises from a single destination without compromising integrity, confidentiality or availability.
Season 3 concludes with Joe Basques interviews Lou Covey and Patrick Boch, co-editors of the recently launched Cyber Protection Magazine (www.cyberprotection-magazine.com), an international joint project between the Footwasher Media in the US and Fabogi in Germany. The new publication will focus on practical implementation of cybersecurity for businessmen and the non-technical among us. --- Support this podcast: https://anchor.fm/crucialtech/support
On December 8th, 2020, news broke that FireEye, a leading global cybersecurity firm, had been hacked by a foreign entity. Immediately following the release, CEO Kevin Mandia demonstrated a refreshing approach to leading his company through this difficult period - he was forthright and honest about the breach. In our inaugural episode, Claudette sits down with Kevin to find out exactly what happened. Joining Claudette is former Intelligence Agent, David, to discuss how individuals and organizations can tap into different ways to increase personal protection and resiliency.
Host Gemma Milne talks with John Reed Stark about staying secure and compliant as organizations continue to digitally transform. They unpack the rise of ransomware, look at what companies can do to protect themselves from cybersecurity incidents, as well as how best to respond after a breach. John also discusses how organizations can take proactive and innovative measures to help remain secure and compliant while staying competitive. About John Reed StarkJohn Reed Stark is president of John Reed Stark Consulting LLC, a data breach response and digital compliance firm. Formerly, Mr. Stark served for almost 20 years in the Enforcement Division of the U.S. Securities and Exchange Commission, the last 11 of which as Chief of its Office of Internet Enforcement. He currently teaches a cyber-law course as a Senior Lecturing Fellow at Duke Law School. Mr. Stark also worked for 15 years as an Adjunct Professor of Law at the Georgetown University Law Center, where he taught several courses on the juxtaposition of law, technology, and crime, and for five years as managing director of global data breach response firm, Stroz Friedberg, including four years heading its Washington, D.C. office. Mr. Stark is the author of "The Cybersecurity Due Diligence Handbook.”Learn more about John Reed Stark:https://www.johnreedstark.com/ Topics of discussionWhy ransomware has become the preferred mode of cybercrime (04:49)Making sure your cybersecurity systems are working together effectively (11:52)Planning for better cyber incident response and crisis management (17:38)How the current environment affects smaller companies differently (25:27)What C-level executives and boards should look for when hiring for major security roles (28:32)What are the most exciting emerging cybersecurity technologies (31:57) Sponsor linkLearn how Microsoft Dynamics 365 Fraud Protection helps businesses minimize losses, safeguard revenues, and protect their reputation. Request a live demo today:https://aka.ms/AA8kzgt Helpful linksFollow us on social mediaTwitter: https://twitter.com/msftdynamics365LinkedIn: https://www.linkedin.com/showcase/microsoft-dynamicsYouTube: https://www.youtube.com/channel/UCJGCg4rB3QSs8y_1FquelBQ
“My passion is to educate women and families on the importance of cyber protection. I designed my product Kamshield specifically with families in mind. While developing the Kamsheild webcam cover I'd go into business meetings all over the world, London, China, the US, and everyone had a little piece of tape or something on their webcam.” Kameron Miller, Innovator of the webcam cover and President of Kamshield, saw a need and decided to create a product and make change. She educates us on the importance of cyber protection. She also asks herself the inspiring question, “if you had six months to live, what would you do? I genuinely have asked myself this for years. When I find that I'm doing something that I don't want to do, then I stop doing it, even though it's scary, even though it could be expensive, even though it can be a little overwhelming. I really want to live a life that is worth living.” Listen and be inspired to protect yourself and your family.
Datenverlust ist für Unternehmen immer auch ein monetärer Verlust, egal ob Einzelunternehmer oder Großkonzern. In der vorerst letzten Episode zum Thema Cyber Protection widmen wir uns der letzten Verteidigungslinie der Datensicherheit: dem Backup. Im Gespräch sind diesmal Marcel Henker, Markus Bauer und Candid Wüest von Acronis.
Ein Virenscanner ist wichtig, aber nur ein Teil eines umfassenden Schutzes gegen alle Arten von Bedrohungen. Markus Bauer und Marcel Henker erklären uns, was eine integrierte Sicherheitslösung leisten muss, die 5 Säulen der Cyber Protection bei Acronis (SAPAS) und den Balance-Akt zwischen User-Freundlichkeit und Sicherheit.
Seit der Nutzung des Internets steigt auch die Bedrohungslage für dieses Medium. So sehen sich nicht nur Unternehmen, sondern auch Privatpersonen der Gefahr durch Phishing-Mails, Malware und Ransomware ausgesetzt. In dieser ersten Folge des Schwerpunktes „Cyber-Protection“ stellen Candid Wuest und Marcel Henker von Acronis die einzelnen Bedrohungen vor und geben Ratschläge, wie man sich dagegen schützen kann.
Traditionelles Backup reicht schon lange nicht mehr, um sich den bestehenden Cyber-Bedrohungen sicher entgegenzustellen. Die Zukunft gehört der Cyber Protection, für die Acronis steht! Acronis Tech Evangelist Markus Bauer erklärt in den IT-BUSINESS Insights warum. Bild: © Acronis
Consumers are spending more time online, and with an increase in sharing and shopping comes an increased risk for potential issues related to a customer’s personal information. This is where Generali Global Assistance and its Global Identity and Cyber Protection business unit comes in.Founded in 1963, Generali Global Assistance has been a leader in the assistance industry for over 50 years and continues to provide its customers and partners peace of mind and assistance in the most difficult of circumstances. As a B2B2C supplier, the company works with consumers via various brand partners as an embedded or voluntary offering through insurance providers, financial institutions, or as a part of an employer’s benefits package – with the end goals of providing exceptional levels of customer experience and customer support, often in situations when consumers need that support the most. Loyalty360 recently spoke to Paige Schaffer, Chief Executive Officer for Global Identity and Cyber Protection, to learn more about the company, how Generali Global Assistance is assisting clients and customers during COVID-19, and how the company’s services can play a vital role in protecting customers during their time of need.
Telehealth has become more widely available during the coronavirus pandemic, but do all Australians stand to benefit from it? Plus, how to keep yourself secure in cyberspace and what to keep in mind during tax time.
Welcome to live show number 2! On the show today we cover brand new fitness tech from Fitbit, Low band frequency 5g networks with Nokia, cyber threats and protection from Acronis, the top 5 smartphones under $200 that can be used to install the COVIDSafe app and a whole heap more.
As we continue to face the Coronavirus pandemic, we must be more vigilant than ever to protect the health of our families, our communities and ourselves by following the advice given such as social distancing and frequent hand washing. However, we also need to be equally vigilant about our online presence as bad actors take advantage of us during these trying times and prey on our fears. Today's guest: Ellen Segriff, Head of Privacy, Cyber and Information Security for UBS Wealth Management in the Americas. Host: Anthony Pastore.
On today’s edition of the Atlanta Small Business Show, we’re pleased to welcome Michael Gargiulo, Founder and CEO of VPN.com. In this segment, Michael and Jim discuss everything you need to know about VPNs, what they are, why your business needs one, and how to go about acquiring the right one. https://www.myasbn.com/small-business/technology/how-the-right-vpn-can-give-your-business-critical-cyber-protection-michael-gargiulo-vpn-com/
The world was shocked when Equifax announced that 143 million people's Social Security numbers were compromised, and everyone asked how did this happen? But they are not the only ones to suffer a comprise in data security. Many other firms have had data breachs, even though we only hear about the big ones. In 2017, PwC interviewed 9,600 firms globally and found that 41% of them had experienced at least one security incident in the past year For many leaders and companies these figures should make it clear that securing corporate data is a must, it is no longer just an option. But the challenge is that the hackers are getting more and more sophisticated, and it is not just about technology, it is about of social engineering. Therefore, Cyber security must be deeply embedded in every aspect of your business. This episode looks at cyber security from the mind of a hacker and security expert who will help you understand what you need to do to protect your business.
SICUREZZA - Ma tu sai cos'è la Cyber Protection? Tutti parlano di Cybersecurity. E giustamente, perché la sicurezza informatica è un tema di attualità stringente, non confinato solo alla dimensione aziendale ma che tocca tutti, nessuno escluso, nella nostra quotidianità. E però oltre alla Cybersecurity c'è qualcosa in più: la Cyber Protection. Una frontiera ancora più vicina alle esigenze degli utenti, di cui al Multilevel Protection Roadshow (organizzato da Questar a Milano) Radio IT ha parlato con Francisco Amadi, Senior Sales Engineer di Acronis. Ecco cosa ci ha raccontato. Buon ascolto! Altri contenuti su www.radioit.it
SICUREZZA - Ma tu sai cos'è la Cyber Protection?Tutti parlano di Cybersecurity. E giustamente, perché la sicurezza informatica è un tema di attualità stringente, non confinato solo alla dimensione aziendale ma che tocca tutti, nessuno escluso, nella nostra quotidianità.E però oltre alla Cybersecurity c'è qualcosa in più: la Cyber Protection. Una frontiera ancora più vicina alle esigenze degli utenti, di cui al Multilevel Protection Roadshow (organizzato da Questar a Milano) Radio IT ha parlato con Francisco Amadi, Senior Sales Engineer di Acronis.Ecco cosa ci ha raccontato. Buon ascolto!Altri contenuti su www.radioit.it
Harley Schlanger, www.LaRouchePAC.com, World Trade, Lyndon LaRouche Four Power Agreement, Bretton Woods GOLD Fixed Currencies Exchange, Glass-Steagill End Speculative Banking, Belt and Road is Four Powers USA India China Europe, Stable World Road Shipping, Collaboration on World Economy, Defense of EARTH, Solar CME Protection, Cyber Protection of Digital Communications, Missile Defense Shared All Nations, Laser Net Inter-Ferrometry, Dr Bill Deagle MD AAEM ACAM A4M, NutriMedical Report Show, www.NutriMedical.com, www.ClayandIRON.com, www.Deagle-Network.com,https://www.nutrimedical.com/product-category/epigenetic-song-of-dna-therapy/, For information regarding your data privacy, visit Acast.com/privacy See acast.com/privacy for privacy and opt-out information.
Retailers, banks and airlines can see up to 90% of fraudulent logins attempting to steal some form of value in their systems. How are they protecting themselves against attacks? Derek Smith, CEO of Shape Security, has created a patent botwall service that protects many of the world’s largest banks, airlines, retailers and government agencies against cyberattacks, blocking more than a billion fraudulent login attempts daily. Key takeaways: Shape Security is helping more than 50% of the country’s largest airlines and banks as well as retail businesses like Starbucks by continuously defending against fraudulent login attempts. Shape prevents over a billion fraudulent login attempts every day. Hackers continue to become more sophisticated, but Shape is using advanced machine learning techniques to counteract the ever-improving hacking methodologies. Full show notes at http://wing.vc
It’s a brand new world for power system engineers. Nathan Wallace, Cybirical Co-Founder/Director of Cyber Operations, discusses the importance of designing systems to achieve cybersecurity goals. Wallace also discusses tools that will help utilities and other asset owners reap the benefits of technology while being protected from cyber threats.
The Defense Department's most sophisticated weapons systems, in service and planned, are basically moving, networked computer systems. That makes them vulnerable to cyber attacks. What's surprising is how flat-footed the department seems to be when it comes to protecting its weapons systems. That's according to Cristina Chaplain, director of contracting and national security acquisition issues at the Government Accountability Office. She joined Federal Drive with Tom Temin for more.
When it comes to cybersecurity, if you stand still you fall behind. Even if you run fast, you can still fall behind. For instance, at the Homeland Security Department, the National Cybersecurity Protection System hasn't met all of its objectives for intrusion detection and information sharing. Greg Wilshusen, director of information security issues at the Government Accountability Office, offers the details on Federal Drive with Tom Temin.
"2018 Cyber Protection" with top experts; Mike Maddox of Just ASK and Jeff Dettloff of Providence Consulting, moderated by Chris Buck. Also, Phil Zeller, of Dale Carnegie - Michigan answers your business questions. Michael Patrick Shiels talks with Jim Wise of Firekeepers Casino about their casino's marketing design and focus. Finally, Chad Livengood of Crain's Detroit brings you another edition of our "Detroit Rising" series. #AskBizRap
"2018 Cyber Protection" with top experts; Mike Maddox of Just ASK and Jeff Dettloff of Providence Consulting, moderated by Chris Buck. Also, Phil Zeller, of Dale Carnegie - Michigan answers your business questions. Michael Patrick Shiels talks with Jim Wise of Firekeepers Casino about their casino's marketing design and focus. Finally, Chad Livengood of Crain's Detroit brings you another edition of our "Detroit Rising" series. #AskBizRap
SICUREZZA - Ma tu sai cos'è la Cyber Protection? Tutti parlano di Cybersecurity. E giustamente, perché la sicurezza informatica è un tema di attualità stringente, non confinato solo alla dimensione aziendale ma che tocca tutti, nessuno escluso, nella nostra quotidianità. E però oltre alla Cybersecurity c'è qualcosa in più: la Cyber Protection. Una frontiera ancora più vicina alle esigenze degli utenti, di cui al Multilevel Protection Roadshow (organizzato da Questar a Milano) Radio IT ha parlato con Francisco Amadi, Senior Sales Engineer di Acronis. Ecco cosa ci ha raccontato. Buon ascolto!
SICUREZZA - Ma tu sai cos'è la Cyber Protection?Tutti parlano di Cybersecurity. E giustamente, perché la sicurezza informatica è un tema di attualità stringente, non confinato solo alla dimensione aziendale ma che tocca tutti, nessuno escluso, nella nostra quotidianità.E però oltre alla Cybersecurity c'è qualcosa in più: la Cyber Protection. Una frontiera ancora più vicina alle esigenze degli utenti, di cui al Multilevel Protection Roadshow (organizzato da Questar a Milano) Radio IT ha parlato con Francisco Amadi, Senior Sales Engineer di Acronis.Ecco cosa ci ha raccontato. Buon ascolto!
The world was shocked when Equifax announced that 143 million people's Social Security numbers were compromised, and everyone asked how did this happen? But they are not the only ones to suffer a comprise in data security. Many other firms have had data breachs, even though we only hear about the big ones. In 2017, PwC interviewed 9,600 firms globally and found that 41% of them had experienced at least one security incident in the past year For many leaders and companies these figures should make it clear that securing corporate data is a must, it is no longer just an option. But the challenge is that the hackers are getting more and more sophisticated, and it is not just about technology, it is about of social engineering. Therefore, Cyber security must be deeply embedded in every aspect of your business. This episode looks at cyber security from the mind of a hacker and security expert who will help you understand what you need to do to protect your business.
The world was shocked when Equifax announced that 143 million people's Social Security numbers were compromised, and everyone asked how did this happen? But they are not the only ones to suffer a comprise in data security. Many other firms have had data breachs, even though we only hear about the big ones. In 2017, PwC interviewed 9,600 firms globally and found that 41% of them had experienced at least one security incident in the past year For many leaders and companies these figures should make it clear that securing corporate data is a must, it is no longer just an option. But the challenge is that the hackers are getting more and more sophisticated, and it is not just about technology, it is about of social engineering. Therefore, Cyber security must be deeply embedded in every aspect of your business. This episode looks at cyber security from the mind of a hacker and security expert who will help you understand what you need to do to protect your business.
Heather Wagenhals can use her expertise to answer the following questions: * How can you protect your home office? * What kind of protection is needed in order to make sure your work valuables remain safe? * Why is it so important to protect your home documents? * What can happen if these documents are compromised? * Will there ever be a way to stop this kind of criminal activity? Meet Heather Wagenhals: * Certified Identity Theft Risk Management Specialist * Expert in Personal Finance and Wealth Building Techniques * Trusted Real Estate Broker and Investor of both Residential and Commercial Real Estate. * Host of Unlock Your Wealth Radio * Celebrated Columnist * Ranked #29 on top 100 Personal Finance Experts to Follow on Twitter * Best Selling Author of Yes You Can! And Bushido Business * Developer of Keys to Richesâ?¢ Financial Wellness Series * Internationally recognized writer, speaker, and broadcast professional
Prof. David McIntyre on foriegn policy and more.
CEO Yılmaz Yıldız explains the big cyber vulnerabilities for Turkish consumers and businesses