Afleveringen

  • Ssn 2 Ep 15 Zero Trust Pt 3

    Beyond the basic, foundational things you should already have in place, what’s the next thing you need to do to implement a Zero Trust approach to network security?

    1:04: It starts with the regulatory requirements a company must meet, then layer in policies and procedures.

    3:07: Every time a user wants to access resources, they are going to need to prove their credentials.

    3:16: NIST has developed a standard for Zero Trust, 800-207, which lays out what an enterprise needs to do to meet the zero trust model.

    4:58: Access to individual enterprise resources is granted on a per session basis and determined by policies.

    5:42: This can be geographically related and can also be determined by the user’s normal behaviors.

    7:25: Is AI involved in determining a user’s normal behavioral patterns?

    8:07: What specific changes need to be made to the architecture of your network?

    10:01: HR Management system, segmented on its own server.

    11:38: Is zero trust accessible to most companies?

    14:12: What is the first step in getting started with zero trust?

    14:48: A managed services provider is a good first step in starting the documentation process, defining policies, pushing it through to the user community.

    15:38: Getting the employees’ buy-in is important.

    16:57: Begin to expand segmentation out to the workstations.

    18:10: What level of importance would you rate this for companies to make this happen?

    18:38: If you depend on technology and you have data that you don’t want sold on the dark web, you must take a look at zero trust.

    18:48: A good service provider will help you with a logical roll-out plan

    20:04: Make sure you think this through first, implement your policies, and then start rolling it out in a logical manner.

    Zero Trust Architecture: https://www.nist.gov/publications/zero-trust-architecture

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 14: Zero Trust, Pt 2

    Cybercrime is projected to cost the world 10.5 trillion annually by 2025. Hackers are looking for the easiest targets, make sure you’re not one of them. Zero Trust is a layered approach to cybersecurity that structures your network so you can do just that.

    Today's episode looks at foundational elements you better already have in place.

    Show Notes:

    :37: The big business of hacking

    1:13: Why and how cybercrime has accelerated since the pandemic

    1:42: Some of the reasons home workstations are vulnerable to cyber attacks

    2:00: DNS filtering

    4:07: The business cost of a cyber breach and some of the recent stats

    4:20: Threat actors live on your network for 280 days before they’re identified

    4:55: What happens when you’ve been hacked and held for ransom

    5:55: EDR—Endpoint Detection Response

    7:15: Some indicators of threat actors can have other causes

    8:23: Cloud configuration—and how it can pose a risk

    Business Cost of Cybercrime

    https://cobalt.io/blog/business-cost-of-cybercrime

    9:47: Cyber awareness training

    11:05: What happens to the stolen data from random individuals on home networks

    12:09: What happens to a company’s data

    12:30: Encryption

    14:25: Backups—a two-fold process for backing up to the cloud

    16:07: Zero Trust is a much deeper dive than the foundational things we’ve talked about today.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Zijn er afleveringen die ontbreken?

    Klik hier om de feed te vernieuwen.

  • Ssn 2 Ep 12: Zero Trust

    Cybercrime is projected to cost the world 10.5 trillion annually by 2025. Hackers are looking for the easiest targets, make sure you’re not one of them. Zero Trust is a way of structuring your network so you can do just that.

    Show Notes:

    :42: An overview of Zero Trust

    1:25: What is Zero Trust Network Architecture?

    2:15: Make sure you know who is accessing your data and how and when

    2:42: What is the normal way companies have their network structured? A look at flat networks

    3:13: Bare minimum—segment your network

    3:37: On premise servers vs. the cloud

    4:13: Flat network example using email in a cloud environment—how is your data accessed and how easy is it to break in?

    5:03: How a malicious actor can move easily around your flat network

    6:07: Phishing attacks and other ways threat actors can invade your network, and how an individual might be targeted and attacked

    7:15: Entry points: smart devices and other devices that are on your network—that may be infected with malware—and other entry points

    8:37: What would a Zero Trust environment look like?

    12:55: What happens if you don’t implement this? You’re going to get hacked and held for ransom. It’s not about if but when.

    14:00: Is it enough to just segment your network?

    14:39: But all this time I’ve never been compromised so what I’ve been doing must be good enough.

    15:25: Hacking is big business-- probably reaching the trillions. Hackers are looking for the easiest targets.

    https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 12

    What's Up With the Chip Shortage?

    You’ve undoubtedly encountered the shortage of microchip availability, as this has affected nearly every industry. In today’s episode we’re going to discuss how it happened, how long it’s going to last—and what you can do in the meantime.

    Show Notes:

    1:30: What caused the shortage?

    1:57: Some of the issues that factored into the shortage.

    3:06: How employee shortages compounded the shortage and how this snowballed through the supply chain.

    3:30: How long is the shortage going to last and when can we expect it to start getting better?

    4:35: How to make your phone last for another year.

    5:15: Black Friday sales—did not extend to phones this year!

    7:10: How to be first in line to purchase the few available devices and products

    7:53: Purchased refurbished tech.

    9:50: Take care of the items you have and repair rather than replace.

    11:30: Best practices for taking care of your computers.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 11: Popular Techy Gadgets for Gift-Giving 2021

    A look at some of the most popular tech-related gadgets, perfect for gift-giving.

    23 Hottest Cool Gadgets That Are Going to Sell out This December

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 10: Navigating the Holidays, Cyber-Safely

    Cyberattacks increase during the holiday season--not just online scams and cyber theft but phishing attacks, as well (watch your inbox!). Awareness is the key to avoid becoming a victim.

  • Ssn 2 Ep 9: Guess Who’s Accountable

    New regulations coming for cybersecurity providers: accountability, liability—and what that means for you.

    Show Notes:

    1:15: Discussion of new regulations that are coming for the managed services industry

    1:40: What is the difference between MSPs and MSSPs?

    3:10: How much trouble can you get into if you’re overselling your services?

    4:30: Up until now, this industry has been without regulations

    4:58: Service providers currently may not realize they don’t have the skill set required to work in this space

    5:45: Other service providers and contractors have to go through continuing education and certification, but this has not been required for the managed services industry

    6:48: Self-assessment forms from your cybersecurity insurance broker can help you determine what kind of cyber security measures you need to have in place

    9:07: What kind of disclaimer should an MSP/MSSP have in place for clients who are refusing certain services: Signed Denial of Service letter

    10:45: The importance for service providers to be aware of changing laws and regulations for their industry—keep breast of services that are no longer optional

    12:12: Dept of Justice’s new regulations for MSP/MSSPs

    13:46: Businesses may no longer be able to pick and choose what services they need

    14:18: When filling out the questionnaires, don’t check “yes” if you’re not doing something

    17:35: Special requirements and regulations for public or quasi-public companies

    21:31: What’s the easiest way to keep your ear to the ground on changing regulations that will affect your business?

    22:42: Current administration is pushing zero trust and Amazon’s offer of free security training

    Links:

    DOJ Vows to Prosecute Cybersecurity Fraud by MSPs, MSSPs and Government Contractors

    https://www.msspalert.com/cybersecurity-markets/americas/doj-vows-to-prosecute-cybersecurity-fraud-by-msps-mssps-and-government-contractors/

    Acting Assistant Attorney General Brian M. Boynton Delivers Remarks at the Cybersecurity and Infrastructure Security Agency (CISA) Fourth Annual National Cybersecurity Summit

    Washington, DC

    Wednesday, October 13, 2021

    https://www.justice.gov/opa/speech/acting-assistant-attorney-general-brian-m-boynton-delivers-remarks-cybersecurity-and

    Deputy Attorney General Lisa O. Monaco Announces New Civil Cyber-Fraud Initiativehttps://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-new-civil-cyber-fraud-initiative

    Amazon Security Training:

    https://aws.amazon.com/security/amazon-security-initiatives/

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 8: Bring Your Own Environment: Working From Anywhere And The Accompanying Security Risks

    Show Notes

    :30: Top Trends in Technology

    1:18: Exciting opportunities for businesses that embrace a work-from-anywhere business model.

    1:30: People can leave a larger city and live anywhere they want to

    4:55: Bring Your Own Environment: Using a secure client that allows services to be accessed safely by all users

    5:30: Blocks phishing attempts

    6:05: Zero Trust Environment eliminates your physical space and enables working from anywhere safely

    6:35: How can people go about setting up a client or VPN?

    8:45: Hackers at the coffee shop can’t get in because you’re on your own separate server

    9:04: Can all employees access shared equipment and/or each other’s devices?

    11:20: A growing problem with VPN providers—not all are secure.

    13:00: Statistics why mobile work environments support business growth

    14:08: One challenge with mobile work environments—the loss of “accidental knowledge”

    15:50: Coffee pot chatter and building relationships—how to make that happen in a remote work environment

    18:42: Other reasons why remote working increases a business’ growth opportunities

    19:25: Discussion of companies cutting employees’ salaries if they choose to work from home, and paying based on where you’re working (geographically)

    Link: Technology Visions 2021

    https://www.accenture.com/us-en/insights/technology/technology-trends-2021?c=acn_us_technologyvisiogoogle_11975584&n=psgs_0221&gclid=CjwKCAjwiY6MBhBqEiwARFSCPgfWPD84sS1hjxcS7HhUU1U8mc9mcaHIjgKlZRfcEHTah7DrxsCbRxoCyC0QAvD_BwE&gclsrc=aw.ds

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 7: Will AI Replace Us?

    With the exponential advances in AI technology, we can’t help wondering if one day our jobs will become obsolete. In today’s episode we talk about some of the issues surrounding AI and how to keep relevant in a rapidly changing work environment.

    Show Notes

    :45: Lighthearted discussion about self-driving cars.

    5:25: Will AI replace us?

    5:34: Predictions and discussions about AI tech from college professors.

    6:50: Throughout time, technology has replaced people and will continue to do so: automation is the trend of the future.

    7:24: Benefits of AI to business owners and forecasting for the future.

    9:30: The biggest use of AI today is mined from social media, where large amounts of data are required.

    10:19: Potential use of AI in the field of medicine and health care.

    11:40: Looking at your industry and foreseeing what skills you might need to be developing now so you can remain employable.

    12:24: The use of AI in screening job applications and resumes.

    13:03: Technology has changed the face of business and we’re competing in a world-wide marketplace.

    14:15: SWOT analysis: analyzing internal strengths and weaknesses and external opportunities and threats.

    14:29: Paying attention to where your job is headed. Story about a company offering a voluntary severance package prior to layoffs.

    16:30: Analyze your skill set; if jobs dried up in your industry, what industry could you transfer into—and diversify your skill set accordingly.

    17:57: Brief discussion of the importance of soft skills vs. hard skills

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 6: Don’t Die on Me Now!

    You know the signs. The signs that your computer or mobile device is not going to last much longer--but you’re not ready to invest in a replacement. You may be able to get a little more life out of your aging devices and buy yourself some time!

    Show Notes

    :30: How can we get a little more life out of our devices?

    :53: Hard reset: Resetting your phone to factory settings.

    1:21: Make sure you run backups of all your important data first.

    2:26: Clearing your storage and freeing up space. Make sure you delete the cache for your photo gallery—those files can remain for a week before being permanently deleted.

    4:28: Operating systems and software updates are larger and larger and requires more memory and speed from aging hardware.

    4:57: SSDs, and rebuilding your hard drive

    5:40: Upgrade memory/RAM to 16GB

    6:26: Defragmentation

    7:17: Upgrading to an SSD and 16GB of RAM could possibly buy you another year.

    7:47: Budgeting for new hardware needs to be an ongoing part of your long-term plan.

    9:06: CCleaner for keeping the registry clean, clearing the cache, and keeping performance up

    10:32: Be aware that if you frequently install and uninstall apps on your mobile device, that can degrade performance over time.

    11:40: A rebuild will help clear out excess junk on your devices, quick overview of how to do that.

    12:42: Windows Virtual Desktop, and how that can increase performance.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 5: Warning Lights

    Signs your computer is having problems—and what those signs might mean

    :35: Your computer is suddenly going really slow—what’s up with that?

    :50: Drive failure and rebuilding your computer, should performance be comparable to what it was before, with a new drive?

    2:30: What happens to your computer when you install and uninstall programs too frequently?

    3:16: Microsoft’s feature releases for Windows 10 vs. service packs or patches and the impact on your computer’s performance

    4:36: Brief discussion of Windows 11 release and a user’s current TPM (Trusted Platform Module)

    5:38: Other reasons why your computer might be going slow due to malware

    6:05: Using task manager to figure out where an issue of sluggishness might be coming from

    10:12: Case study of a company whose system was running sluggish and discovered a trojan horse style virus

    12:03: With upgrades to system software, performance naturally goes down

    12:16: How long does the average computer last, in a business setting?

    13:25: How does an IT manager make the decision of when to replace computers (preferably before they die)?

    13:54: Monitoring the age of your computers and the lifecycle of those machines

    15:22: Moving quickly when you begin experiencing degradation of performance

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

    You’ll find the downloadable version of these show notes at: https://EastAtlanticSecurity.com/ then navigate to the Cyber Savvy CafĂ© page

  • Ssn 2 Ep 3: Recognize This?

    The 10 Most Common Passwords—Is Yours on this List?

    In today’s episode, we have fun discussing the 10 most common passwords and safe (and unsafe) password practices. We take a look at how cyber-criminals hack unsecure passwords and review best practices for password safety.

    Most Common Passwords: 2021 Latest Statistics

    https://cybernews.com/best-password-managers/most-common-passwords/

    123456 123456789 qwerty password 12345 qwerty123 1q2w3e 12345678 111111 1234567890

    :46: How common is it for people to be using easy-to-guess, common passwords?

    2:41: Let’s dive in to the top 10 passwords: sequential digits and patterns

    5:41: Password safes—what they are and how to use them

    9:01: Why is a password safe more secure than using your browser to remember your passwords?

    9:09: The problem with browsers

    10:16: How do you know if you’re running plugins or extensions—how do you locate those easily and disable them?

    12:24: What about Chrome apps?

    13:16: The most popular years that are used in passwords

    13:52: Using significant years in your passwords and social engineering

    14:25: Favorite name as a password, common sports, common cities, and the most popular cusswords

    14:55: Password length—how using the most commonly used lengths can help hackers break in

    16:00: What is brute force, and how exactly do hackers break in?

    16:45: How long does it take to crack a 24-character password with today’s technology?

    17:08: Online tools that test your password strength: DON’T USE THEM!

    18:45: How often should you change your passwords?

    19:00: Multi-factor authentication

    19:37: In summary, best password practices reviewed

    20:05: Other threats, phishing attacks, SIM swapping, and the use of authenticator apps.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 2: 3 Reasons Why Remote Workstations are the Target, Pt 2

    Remote working has been on the rise in recent years and exploded in 2020 during the pandemic. Find out why remote workstations are a popular target for hackers--and what you need to do to protect the corporate network from a breach through this mostly-unprotected back door.

    The conclusion...

    Show Notes

    SHOW NOTES

    1:17: Next step after segmentation, a Zero Trust approach to network security

    1:45: The big topic of Phishing—still the #1 way of breaking into your network

    3:07: Keeping phishing issues top-of-mind with phishing simulations.

    4:06: Inevitably, someone in your company is going to click on something and is going to get infected. Are you going to be able to stop the lateral movement and stop it from spreading to other machines

    4:40: Limited accessibility so employees have access only to the things they need

    5:20: Zero Trust technology helps mitigate this

    5:30: Multifactor authentication

    5:45: How to prioritize the things that need to be handled first

    6:00: Running a Risk Assessment

    7:42: More about Phishing and Acceptable Use Policies

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 2 Ep 1:

    Top 3 Issues that Make Remote Workstations a Juicy Target and How to Solve Them, Pt 1

    Remote working has been on the rise in recent years and exploded in 2020 during the pandemic. Find out why remote workstations are a popular target for hackers--and what you need to do to protect the corporate network from a breach through this mostly-unprotected back door.

    SHOW NOTES:

    :47: Let’s define what we mean by “remote working”.

    1:18: We were working remotely for years before the pandemic, but remote working has changed since 2020.

    2:36: We’re making an assumption that people are working on a company-provided equipment that’s managed by an IT dept.

    3:43: Why do remote workstations put corporate networks at greater risk than a traditional office environment?

    3:50: Discussion of article about a number of laptops that were unknowingly infected with malware, and what happened when those laptops went home during the pandemic.

    4:43: What are the top 3 reasons why remote workstations are a hot target?

    4:55: Number One, No corporate firewall.

    6:23: Discussion of best practices—and inherent dangers—when setting up your router, setting the password, and hiding the SSID.

    9:25: What do people need to do in order to know if their firewall is secure?

    10:00: If you have employees working remotely, what do you need to do?

    10:59: What if your employees are working remotely using public wi-fi?

    Downloadable pdf from media.defense.gov, "Securing Wireless Devices in Public Settings":

    https://media.defense.gov/2021/Jul/29/2002815141/-1/-1/0/CSI_SECURING_WIRELESS_DEVICES_IN_PUBLIC.PDF

    12:34: VPNs and inherent challenges. What is an “always on” product?

    14:18: Number Two: Segmentation; dividing your network into separate networks that don’t allow lateral movement, and what is lateral movement?

    16:10: What happens if you’re not segmented and your VPN is activated?

    17:20: Discussion of an article about hackers who targeted government employees through an active online aerobics presence.

    18:45: How much effort and time are hackers willing to put into gaining access into your network?

    19:00: Discussion of today’s hackers. Gone are the days of the solitary hacker working out of a basement.

    20:20: Discussion of a guy that built a machine for reverse hacking and how he uses it.

    End of Part 1. Catch Part 2 for the rest of the discussion!

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

    You’ll find the downloadable version of these show notes at: https://EastAtlanticSecurity.com/cyber-savvy-cafe/

  • Ssn 1 Ep 24

    Is Your Refrigerator Running? IoT on the Move

    Did you know those smart devices are hackable? Learn how to enjoy the advantages of modern IoT without compromising the security of your network.

    SHOW NOTES

    1:54: If a device is just Bluetooth connected, is it still considered a “smart device” and could it be hacked?

    2:50: How can you improve your office environment with IoT devices and do so safely?

    3:04: Some of the top reasons why businesses would consider using IoT devices in the office.

    6:06: Alexa for Business

    7:56: Some of the security risks with IoT.

    8:15: Patching and updates.

    9:36: Percentage of cyber attacks using IoT devices and number of households and offices that have IoT.

    11:05: Come up with a plan to segment your network so you can use IoT safely and test it on a regular basis.

    12:10: Let’s talk about the smart coffee machine that got hacked (in a test environment).

    14:04: What does “out of the box” mean in relation to IoT devices and how do you configure your settings.

    14:42: A lot of these devices have manufacturer defaults—and how a cyber criminal can capitalize on those.

    16:26: Is there a way to make your IoT devices non-searchable?

    17:25: If you’re at work and not checking your notifications, how someone could hack into your IoT devices before you can stop them.

    17:43: How a refrigerator could be used for a Distributed Denial of Services attack (DDOS).

    19:30: Everything comes with a cost; convenience and privacy issues.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

  • Ssn 1 Ep 23

    Shopping Online

    Avoiding the common security pitfalls of online shopping, and desktop vs. mobile security issues.

    SHOW NOTES

    :52: What are the potential pitfalls in placing orders on your smart phone?

    2:41: If you are already signed onto Amazon on your smart phone and someone gets ahold of your phone, can they gain access to your payment information on your Amazon account?

    3:59: Amazon is fairly safe to use, what about an online company you’ve never purchased from before—protocols for entering payment information and purchasing safely on your smart phone.

    5:20: Is your desktop a more secure environment to purchase from than your smart phone?

    6:43: Using paypal or venmo with your smart phone.

    7:40: Case incident of how easily you can pick up a virus or malware on your phone.

    9:37: Case incident of an ad company that the Weather Underground app was using, that was pushing unwanted downloads to Weather Underground’s users.

    12:40: Basic recommendation for safe online shopping.

    13:35: Discussion of PayPal usage on your phone.

    13:50: Alerts from PayPal and Amazon if someone is trying to log in from unusual geographic locations.

    15:18: Brief review on current protocols for safe passwords and multi-factor authentication.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

    You’ll find the downloadable version of these show notes at: https://EastAtlanticSecurity.com/ then navigate to the Cyber Savvy CafĂ© page

  • Ssn 1 Ep 22

    Knock Knock, Who’s There?

    How security awareness training and phishing simulations can save your business from a catastrophic breach.

    SHOW NOTES

    1:01: Let’s talk about why security awareness training is so important and how many businesses may or may not be doing that already.

    1:48 Your employees are the first line of defense in your organization.

    2:19: Phishing is now the primary access point into your network, discussion of changes in company security over the years.

    3:10: The importance of phishing simulations and follow-up training.

    4:33: How does a company find cyber awareness training?

    5:16: How do you measure the success of a cyber awareness training program?

    6:10: The importance of documentation in providing cyber awareness training.

    6:18: Most cyber security insurance requires cyber awareness training, check your policy to make sure you’re in compliance with your insurance company’s requirements.

    6:48: What kind of time investment is needed when providing cyber security awareness training?

    8:19: How ongoing awareness training keeps phishing threats front-of-mind.

    9:00: Going back to cyber insurance, are you in compliance, what happens if you’re not, and making sure you’ve checked all the boxes to keep yourself secure.

    11:52: What happens after a hack, what your insurance company will do to investigate the breach.

    13:00: Two areas to watch out for: a false sense of security that you have insurance and you’ll be covered in case of a breach, and failure to provide cyber awareness training for your staff.

    13:18: The easiest thing to do to prevent a breach.

    14:01: What steps to take to begin training your staff.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at voices.com

    You’ll find the downloadable version of these show notes at: https://eastatlanticsecurity.com/cyber-savvy-cafe/

  • Ssn 1 Ep 20

    Don’t Bother Me: Why You’re Not “Too Small” to Be Noticed

    Why small businesses are desirable targets—and why cyberattacks against SMBs are on the rise.

    SHOW NOTES

    :46: Alarming statistics of cyber attacks against small businesses.

    1:15: What are Denial of Service attacks?

    2:42: Why do hackers bother with small businesses? How lucrative could that be?

    3:30: No one is 100% secure; if someone wants to breach your network, it’s just a matter of time until they do.

    4:15: Big paydays vs. smaller, easier prey.

    5:06: How can you estimate what a cyberbreach might cost, were you to get breached?

    7:15: 60% of businesses never recover from a single cyberattack, discussion of the cost of a breach.

    8:07: What makes small and medium businesses such easy prey?

    9:27: Discussion of cyber insurance and what you can expect should you be breached.

    12:13: Top things you need to be doing in order to prevent a cyberattack

    12:30: Cyber awareness training for your employees.

    12:56: Understand your risk profile.

    13:40: Acceptable Use Policies

    14:30: Story about leaving a review on Google Play Store and receiving an email from, supposedly, the developer of the app.

    16:23: Any time you receive a link you have to make sure the link is going to the right place before clicking on it.

    16:52: Example of how cyber awareness training can keep cyber security risks front-of-mind to your staff.

    18:10: How ransomware attacks occur.

    If you’d like to hear us cover a topic you’re interested in, contact us! Leave a message on our website, or on our podcast page at Spotify, iTunes, or Google Podcasts.

    Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

    Voiceover Artist: Paul Kadach at www.voices.com

    You’ll find the downloadable version of these show notes at: https://eastatlanticsecurity.com/cyber-savvy-cafe/