In the second part of our two-part Internet Privacy series, we'll explore the complex and daunting world of cyber security for your office and business. Our expert panelists will offer insights into all things Internet as they answer questions like…
• How do you know if you've had a data breach? And what to do about it.
• How do you comply with Nevada's law requiring encrypted transmission of data?
• Should you get a VPN?
• What are the pros and cons of employee-owned (BYOD) vs company-owned devices?
• Should you buy Cyber Risk insurance?
• What are ransomware and malware and how can you protect yourself?
• How can you prevent whaling / phishing high-value targets?
• How does the EU’s new GDPR law affect you?
• And much more!
You won’t want to miss this comprehensive panel discussion if you’re concerned with your business's privacy on the world wide web, and if you want to know what you can do to protect it.
2. 01010001 01110101 01100101 01110011 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01100101 00100000 01001001 01101110 01110011 01101001 01100100 01100101 01110010 00100000 01010100 01101000 01110010 01100101 01100001 01110100
Who Is Alex Berta
Threat Intelligence Lead
• Started working in information security at the young age of 15 years old.
• Has been figured in publications including:
- Private Security Today by Dr. Carter Smith
- Art of Intrusion by Kevin Mitnick
- 2600 Hackers Quarterly
• Awards and Honors
- Innovator of the Year (2016)
- Software Developer of the Year (2014)
- Educator of the Year (2013)
5. 01010001 01110101 01100101 01110011 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01100101 00100000 01001001 01101110 01110011 01101001 01100100 01100101 01110010 00100000 01010100 01101000 01110010 01100101 01100001 01110100
Routers and Features
1. WPA2 Encryption
Do you leave your doors and windows open and unlocked at night? If you aren’t using
WPA2 encryption (or a more current standard) on your wireless router or access point,
then you might as well not even have a door because you’re letting hackers and everyone
else into your wireless network.
2. Built-in Firewall
Your router may feature a built-in firewall that you might not even know it had. This can be
a great tool for allowing or denying traffic originating from the Internet, preventing it from
reaching your computer. You can also use it to control what traffic leaves your network as
well.
3. Guest Network
Do you have visitors that need access to the Internet but you’re not to keen on giving
them your wireless password because you don’t want them having access to everything on
your network.
7. 01010001 01110101 01100101 01110011 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01100101 00100000 01001001 01101110 01110011 01101001 01100100 01100101 01110010 00100000 01010100 01101000 01110010 01100101 01100001 01110100
Bluetooth Attacks
• BlueSnarfing
A BlueSnarfing attack can access information, such as email, contact
lists, calendars, and text messages.
• Bluebugging
Bluebugging attacks allow an attacker to take over a mobile phone.
Attackers can listen in on phone conversations, enable call forwarding,
send messages, and more.
• Blue Jacking
This is the practice of sending unsolicited messages to nearby Bluetooth
devices.
21. 01010001 01110101 01100101 01110011 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01100101 00100000 01001001 01101110 01110011 01101001 01100100 01100101 01110010 00100000 01010100 01101000 01110010 01100101 01100001 01110100
Cyber Risk Insurance – Should you buy it?
• What is Cyber Risk Insurance?
This insurance helps organizations mitigate risk exposure by offsetting
costs involved with recovery after a cyber-related security breach or
similar event.
• What is Cyber Risk?
”Cyber Risk” means any risk of financial loss, disruption or damage to
reputation of an organization from some sort of failure of its information
technology systems.
23. 01010001 01110101 01100101 01110011 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01100101 00100000 01001001 01101110 01110011 01101001 01100100 01100101 01110010 00100000 01010100 01101000 01110010 01100101 01100001 01110100
Dealing with IT security skills shortage
• Move forward with technologies
• Reinvent Training Tactics
• Invest in your tech team
• Invest in your people
• Be more flexible
• Hire for values; Train for skills
• Look at your culture
• Create realistic jobs
24. 01010001 01110101 01100101 01110011 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01100101 00100000 01001001 01101110 01110011 01101001 01100100 01100101 01110010 00100000 01010100 01101000 01110010 01100101 01100001 01110100
ALEXANDER A. BERTA
THREAT INTELLIGENCE LEAD
931.206.6387 ALEX.BERTA@GRIDSMART.COM
LINKEDIN: ALEXANDER BERTA
Editor's Notes
We see it time after time where organizations are using the wrong gear in their offices. We see a lot of home devices in the work place. They may be cheaper to use but they do not receive the updates and support business class devices receive.
WPA2 Encryption is a must. Most wireless can be cracked over time, but make them work harder with WPA2.
Built-in firewalls are great this is a good layer of security that will help keep unwanted guests from accessing the wireless.
Guest Networks are a life saver. If you have someone come in with a mobile device or a computer you don’t know where there device has been so you don’t want that on your network.
Encryption is a must. There are reports all the time of employees leaving laptops in their car and in the middle of the night someone breaks a window and steals the laptop. Later that information is found on some darknet site for sale. With Encryption it will help protect your data and clients information.
Q1 of 2017 security professionals discovered around 725k samples of malware for mac and in the same quarter in 2017 over 7.4 million samples were found for windows.
Anti-Virus was a good history lesson. Everyone has it and it doesn’t work as promised. Its kind of like the old man selling snake oil on the back of a truck promising you his oils will solve every problem when it really doesn’t.
There are some great programs out there though that are a must.
Malwarebytes for Windows, Mac, and mobile devices and Anti-Exploit for servers and workstations.
Ransomware will attack a business every 14 seconds by the end of 2019
Ransomware will cost more than $8 billion in 2018
Ransomware is up 111% from previous years.
Based on your companies standards its hard for me to say what would be best for your company. The COPE is probably the most recognized out of all of them.
Between January and September 2017, there has been32 different threats on Google Play – double the amount from the same period a year before.
The Judy malware, for example, infected upwards of 36.5 million users by September. Over 800 Android apps were infected with Xavir malware, while the WireX botnet might have infected 140,000 devices in 100 countries by its peak on Aug. 17 – perhaps the biggest DDoS botnet to date by Android standards.
There are some great companies out there that will help you if you have a breach or a problem with a incident.