Posts

How to Shop Safe and Secure this Holiday Season

Image
Have you seen the Black Friday and Cyber Monday deals and ads that started before Halloween was even over? Businesses want you to spend your money shopping with them. And that means cyber criminals are just a few steps behind and ready to snag your cash instead.   To help you keep your money safe and receive the gifts you want this holiday season, I'm sharing…   5 TIPS TO SPOT A HOLIDAY SCAM   1.  Beware of the gift that was SUPER CRAPPY or NEVER WAS Keep your eyes peeled for the many clickbait ads promoting sought-after products or the impossible-to-score gift. Unfortunately, some of these ads are from fraudsters, posing as merchants who want to steal your passwords or give you the gift of malware. Some merchants will disappear without a trace, while others will send you an inexpensive, ineffective product for the same reason (AKA the crappy gift). Don't be a victim of the gift that never was. Don't click on the link in the email, avoid the online ad clickbait, shop with r

4 tips to help you stay safe online all year long

Image
October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. I'm proud to be a Champion and support this online safety and education initiative this October. This month is all about taking action. During October, organizations focus on promoting key behaviors to encourage everyone to take control of their online lives. There are many ways to stay safe and secure online, and I want to get you started with 4 basic steps that will take you far. 4 tips to help you stay safe online all year long! Enable Multi-Factor Authentication Use Strong Passwords and a Password Manager Update Your Software Recognize and Report Phishing

How important is your cybersecurity culture?

Image
 Do you have a culture of cybersecurity in your business? When you send out a simulated phishing email, is there a buzz in your office? Are people competing against each other, trying to get the perfect score, and never clicking? Or are they rolling their eyes and complaining about having to take more cybersecurity training?   Did you know that humans are the most significant attack surface in your business? The bad guys are coming for your humans, too, not just your tech. Because your humans have a big target on their backs, you need to build a culture of cybersecurity within your business where everyone understands the vital role they play in staying safe from cyber attacks. Getting all of your humans engaged in cybersecurity is so important NIST even released a guidebook called "Cybersecurity is Everyone's Job."   The guidebook is worth a look. It breaks business functions into seven categories and addresses how each person can do their part to secure the busin

Jumpstart your cybersecurity awareness program

Image
Does building and growing your cybersecurity awareness program seem like an impossible task with no clear path forward?   I hear you. When I built my first cybersecurity awareness program, I was overwhelmed. I had so many fantastic ideas that I wanted to put to work, but I lacked the clarity needed to take action, and I certainly didn’t know what to prioritize. I wasted so much time deciding what to do that weeks and months had gone by, and I had nothing to show for it. Sound familiar?   If you’re nodding your head yes, then you should know that I gained clarity, made decisions, and built an engaging cybersecurity awareness program. What did it take? Lots of research and a little trial and error. Now, I want to share what I learned with you.   I’ve created something new just for you that will take the guesswork and frustration out of building and growing your cybersecurity awareness program. It’s called:   Jumpstart Your Cybersecurity Awareness Program Masterclass  

Have you heard of layer 8?

Image
Take a moment to geek out with me here at the beginning of this email. Before I get to layer 8, I have to talk about the OSI Model. The OSI Model is a model that describes the seven layers that computers use to communicate over networks. You start at the bottom at layer 1 with the physical stuff (think cables and wires). Then it ends at the top with layer 7 with all those awesome apps you use. As a cyber professional, you focus on securing all seven layers. But, did you know there's also a layer that's never pictured in the model? What is layer 8? Let's talk about it. Layer 8 is your humans.  Unfortunately, much like my last email, IT pros refer to humans negatively in layer 8. The IT Pros use layer 8 to focus on their human's lack of awareness and cybersecurity culture. If they lack awareness and culture, isn't that our fault as the cybersecurity pros? Instead of making fun of employees and complaining that they don't know anything, we need to step up and Commu

People are like operating systems

Image
  Three reasons people are like operating systems: People and operating systems both: Process Information Store Information Transfer Information Three reasons people are not like operating systems: Technology is predictable and always acts the same. People are not predictable, and their behavior can surprise you. People are adaptable. With that in mind, would you pick a person or an operating system as your last line of defense against a cyber attack? I would pick the human every time! It's adaptability for the win! You see, technology has to be programmed and told what to do, and even machine learning can only take you so far today. If that threat or phishing email is new or slightly different than what you're expecting, your tech might miss it. However, when you give people the proper training, they can figure out that something is phishy even if it's not the same as what you showed them in training. Humans are used to adapting because our world is constantly changing.

You can't patch stupid

Image
It's time for some sayings to go. It's time to kick "You can't patch stupid" to the curb.   I've heard this saying ever since I've been in IT, and it's said in cyber too. A user would do something wrong, and someone in the department would remark, well, you can't patch stupid. I'm guilty of saying it myself, to be honest with you. Now, I've never said it directly to someone, but I'm sure someone heard one of us say, you can't patch stupid at some point somewhere along the line. I guess it's because we're a grouchy and calloused group in the IT field, but it's not cool, and we need to stop saying it.   I don't talk about feelings often living in a tech world, but imagine how someone would feel if they heard that? Pretty crappy. Would they believe that you're for the human? Would they think you care about providing quality solutions to make their jobs simple and more secure? Would they think that cybersecur