Prepare to Meet Fraud

What you may not understand about Cyber Insurance, even if you already have some, can cost you more than risking not having any at all. There is a shift underway that impacts business + reputation when cyber incidents take place, beyond even GDPR. Please make time to read this.

SMB + Startup CyberSecurity

I recently assembled + moderated a global panel of experts from Europe, Canada + the US to discuss Information Security for startups + small/medium-sized businesses.

What is Resilience?

Resilience is being prepared to respond to unplanned events of all kinds, having a plan to manage those events in effective ways to protect your reputation + bottom line. Here’s some tips for how to design your Resilience Strategy.

Your Defense Needs a Good Offense

WIMZKL was recently engaged in a forensic investigation. The biggest lesson? Teams that aren’t balancing their defensive practice with offensive fluency, and frequently testing their own defenses, will be no match for attackers who are iterating, evolving and learning exponentially faster.

Transform Your Weakest Links Into Your Greatest Assets.

IBM’s Threat Intelligence Index verifies that humans are still the weakest links within organizations and play the major role in making cyberattacks successful. How do we help turn this around by transforming them from our weakest links into our greatest assets for protecting our organizations against cyberattacks?

First, the bad news. Then, the really good news.

As humans, our default instinct is to ignore things that threaten us until they impact us directly even as we are very weak and vulnerable to them. That’s why hardly anyone has an estate plan or business continuity strategy. The real problem is this: the less we care, the more vulnerable we are.

What’s Your Password?

This is funny. Sort of. When Jimmy Kimmel went streetside and asked people, “What’s your password?” in a funny, notably exaggerated way, he revealed how easy it is to manipulate people to get their private information.

Ransomware: to pay or not to pay?

By now, after the global spread of WannaCry, we can use ‘ransomewared’ as a transitive verb. I may be trying to make light of something nasty here because it’s nasty stuff that has ruined the day for many thousands of people. I hope I never have to help anyone ever navigate their way out of such an insidious trap ever again. Unlikely, that. So, here is some solid, step-by-step advice to take should the gods forbid you ever find yourself in that most unsavory situation.

Are Macs safe from Ransomware?

Nope. The first known ransomware attack on Macs, known as “KeRanger”, was downloaded more than 6,000 times before the threat was contained, back in early 2016. While that number is small compared to the number of ransomware attacks on computers running Windows, these threats are growing and we haven’t seen the worst of them, yet. We can expect to see more attacks on Macs. As more and more people are using them than ever before, those-so-inclined are always finding new ways to exploit Macs.

2FA is the best way to protect your accounts

What is 2-factor authentication (2FA)? 2FA is an essential layer of security designed to ensure that you’re the only person who can access your accounts. Even if someone knows your login name and password, they won’t be able to login to your account without this one-time code that is sent to you via SMS (text message)…

Google Docs Scam!

Yesterday alone, I received multiple malicious links in messages sent from email accounts that had been hacked and then used to send out this latest barrage of Google Docs phishing attacks. In each of these messages was a legitimate-looking link to a shared Google Doc. Had I clicked on this link, this is what would…

FBI Phone Scam!

My wife actually received the following voicemail message last week. It’s pretty compelling but fortunately she is aware enough to suspect these kinds of things. These kinds of scams are getting harder and harder to tell apart from real inquiries. A good general rule of thumb is: always be a little bit suspicious of unsolicited…

Why Cybersecurity is So Scary.

It’s not scary when you understand how your business works, what your risks are and how to minimize them and handle cybersecurity events when they occur. Because they will occur, which is why it’s so empowering to have a plan.

Protect Your Business from Cybersecurity Events Using What You Already Have.

Understanding how your small business works, using the technology you already have, protects your bottom line with less effort and expense. Minimizing complexity and focusing on more deeply understanding your existing technology leads to more secure environments you can monitor and evolve with greater competency and confidence.