According to a recent Forbes article, CEOs and Board Members don’t get cyber, they aren't being cyber leaders. They see the numbers associated with the cost of cybercrime, yet there is nothing in their playbook to help them guide their company through it, other than to ask, “who’s got this? Is this an IT thing?”
The issue is as basic as it gets.
If the leadership learns cyber, then the requirements go from vague and "someone else’s problem" to front and center. Any business with an online presence needs an internal leader addressing cyber; both by deed and by example.
Why aren’t leaders learning cyber workforce issues? The best analogy I can come up with is how Ronald Reagan learned foreign policy.
Reagan asked his aides to dumb down the topics as much as was necessary for him to understand them, but not more. Then, he asked them to create “lessons,” none lasting more than 10-20 minutes at a time, so he could make time to learn them in such a way that they fit into his busy schedule.
According to NASDAQ, more than 90% of corporate executives say they can't read a cybersecurity report and aren't prepared to handle a major attack. The market is begging for someone who can teach them, the way they can learn it.
A leader who takes ownership of cyber risk is a cyber leader who understands the needs of the users but doesn’t cut corners internally to keep information and devices secure. He leads by taking cyber training alongside his employees, and he complies with all corporate policies as if he were an entry level user, new to the company. He doesn’t ask to be made an exception to the online filtering rules, scanning rules or backup requirements. He does exactly what he expects his users to do as he leads by example. He knows that his account, after all, is the one that the hackers are most likely going to target.
He is also getting feedback not only from his employees and customers but from the vendors he trusts who keep him safe. He is aware that the bad guys need not invest either much time or much money to end his operations, as he knows that only one bullet will kill him and all that he has built. And he is aware that the bullet can be fired from a place so far away that there is no chance of revenge or restitution for his suffering. He knows that the criminal will get away with their act, and he won’t be able to do anything to prevent it from happening a 2nd time if he doesn’t make it a prioritize from making it happen the first time.
Without a cyber leader, every company’s future is compromised. Are you going to be a cyber leader?
The Network Team is hosting a Cyber Security Seminar specifically targeting small business leaders. Learn more and register by clicking below.
The Network Team is proud to support the Cisco Networking Academies in NC, SC and VA. In addition to providing access to Cisco gear at a heavily discounted rate, TNT also provides network installation and management services as well as help with all things servers and storage for the Community College Networking Academies.
When a multi-server/multi-storage environment was recent phased out, TNT donated the equipment to Stanly Community College’s networking academy staff.
TNT’s president, Jeff Gaura, said, “students who continually work on servers and storage in a virtual only environment miss out on learning some of the key skills needed when recovering from a disaster or performing an upgrade. When our equipment was ready to be replaced, I couldn’t think of a better place to put it to use than in our Community College system. The students there were always in a flight simulator equivalent environment, and they just needed a chance to practice flying a real plane. With this donation, I hope that they get to do that.”
The servers and storage were HPE proliant servers and the storage was HPE/Lefthand networks.
Kelly Caudle, Program Head for Cisco Academy Support Center said, “Stanly Community College is very grateful for community partners like The Network Team who through donations of equipment allow our students to practice real world skills. The donation of servers and storage networks from The Network Team will allow SCC Network Management students to setup a VMware environment with realistic network storage. These types of lab experiences make SCC students ready to take on the challenges they find in the businesses where they find employment.”
Most of us connect to public Wifi nearly daily. Part of the process includes agreeing to the terms and conditions. But have you ever read those terms? What do they really say about WiFi security?
A travelling salesman at a TNT client company connected to an unsecured public WiFi in the Denver airport. He agreed to the terms and conditions (as we all do), without realizing that one of those terms is that, essentially, there are no police on the WiFi, meaning the airport is not responsible for what hackers might do to you through the WiFi. Hackers were able to access his email password through the WiFi on his phone. It’s important to note that public WiFi doesn't encrypt data.
Once the hackers had his password, they logged into his email remotely, and for two weeks, they simply monitored his email. Finally, they went through his contacts and emailed many of them an email that included an infected attachment. To ensure the salesman didn’t catch wind of these emails, they set up a rule in his email that did the following: if anyone replied to their email asking if it really was from the businessman, an auto generated reply went out that said yes it was from him. The hackers then set up another rule that deleted those emails so the businessman wouldn’t see them. They also deleted contacts going back to 2010. As you can imagine, this would be disastrous for a salesman.
These were not small time clients either. These were big companies like Nike. Imagine if someone from Nike had clicked on the attachment, and not had the proper cyber security. It would be the Target hack all over again.
TNT’s Senior Network Engineer Dylan Clifford is an email rules master, and this is how he discovered the attack and stopped it. He found the new rules, and could see where the hackers had logged in from another IP address. Dylan changed the email password, turned off the rules, and restored deleted email and contacts.
As you can see, the sophistication hackers are using for their attacks is more extreme than it’s ever been. TNT recommends adding with 2 Factor Authentication to your security strategy. Had the businessman had this in place, while the hackers still would have been able to get his password, they would not have been able to hack into his email, preventing this attack.
Small businesses often feel like they are not a target because they are small, and/or don’t have much customer data. But, like in the Target incident, hackers will go after smaller companies because they know their security is likely weaker, and they can use the smaller company to get into larger enterprises. The company this salesman works for has fewer than 200 employees.
A multi-layered approach can shore up defenses for small businesses, regardless of the WiFi security (or insecurity) you are dealing with. The Network Team has a full suite of security offerings that can help protect your company and customer data.
We are also hosting a free small business cyber security seminar to teach you about the tactics hackers are using to get into your network, as well as what you can do to mitigate the cost of an attack.
TNT has been tackling the question, “what is the best way to manage and maintain users and their applications when there is limited time and money to train them?”
For those customers who intuitively understood that information stored on a devices that traveled is unsafe, we have marketed, installed and maintained multiply flavors of Citrix Products. Citrix, as a company, has grown to being more than middleware (software that acts as a bridge between an operating system or database and applications, especially on a network). However, their middleware solution still represents their flagship offering. With the ever increasing incidents of cyber crime and cyberattacks, Citrix represents the safest alternative to keeping both users and company assets safe from harm.
Citrix’s mainstream offerings, XenApp and Xendesktop, have been expensive both to install and keep licensed. Good news! Citrix now has a secure cloud offering, driven by a relatively easy to use web interface that takes a job that used to take days to perform into a single day event. Licensing is no longer perpetual, in that you don’t buy it and keep it. Instead, you pay a subscription fee and Citrix keeps all the background information and administrative programs up to date and safe, for you.
Best of all, it runs in Azure, meaning it is easy to integrate with Office 365, One Drive and any cloud storage platform that you are using.
TNT engineers were recently trained by a Citrix engineer, in a one-on-one experience, how to use and deploy to base cloud applications. They are ready to talk to you about helping you upgrade.
A secure cloud deployment is worth more than Gold these days. Citrix, combined with a fully managed security offering, represents a turn key solution that will keep auditors and compliance officers happy, at all times.