I get hired by companies to hack into their systems and break into their physical facilities to find security holes. Our success rate is 100%; we’ve always found a hole. ~Kevin Mitnick
I’ve been absorbing a lot of security training lately. It’s a frightening world out there. In no particular order, here are some of the tidbits that have left an impression.
Nobody wants to be headline news because they’ve experienced a breach.
Cyber Insurance does not pay ransomware. Most policies will cover some costs, such as litigation and associated support for your IT assets, but it likely won’t cover any actual ransom payments. (https://www.teamspring.us/does-cyber-insurance-cover-the-cost-of-ransomware/)
People in the U.S. are the recipients of 42% of phishing and malware mails. If you are in the 55-63 age bracket, you are a more attractive target than those aged 18-44. (https://tinyurl.com/45dsbxye)
If your data has been previously exposed via a data breach, you are at higher odds of being attacked. Find out if you’ve been previously exposed at https://haveibeenpwned.com/
Using 2 factor authentication aps is preferred over answering secret questions because the answers to secret questions can frequently be found on social media.
When (not if) your data is breached, restoring from backup can get you into trouble with the insurance companies and even the FBI. Restoring from backup will erase all of the forensics data available to track down the enemy. You’re backup plan should include the option to run your servers as virtual machines which will leave the forensic data in place.
Spear phishing is email spam on steroids. It will include your name and personal details gathered from the net and previous breaches. It mimics real email from real organizations. If they successfully fool you, it will be expensive. The average successful spear phishing attack cost $1.6 million. Refer back to paragraph 3-cyber insurance typically does not pay ransoms. (https://tinyurl.com/2267f37k)
If your data was exfiltrated or ransomed, would you have to close your business?
Need help rectifying some problem spots?
If you have domain named email, not a free email like gmail or yahoo, we can setup email spam filters to keep 90% of the garbage out of your inbox. We can also archive your incoming and outgoing email for compliance purposes or just because.
If you need a domain named email, we can assist with choosing the domain name, registering the domain name and parking the domain name. If that last sentence sounded like a foreign language, we can explain it in English via a personal visit or phone call.
We have backup solutions that can be run as a virtual machine.
We are looking for 50 individuals with business email addresses to qualify for cyber security training and dark web monitoring. If you are interested in being part of the group, please reach out to me. Prevention is always cheaper than the cure!
Stay Safe, Stay Healthy
Because It Made Me Laugh!
A Geologist Found the Cookie Monster Inside An Agate.
Complete story at: https://tinyurl.com/57c4fx9u