UnHacked

I can't tell you how many times I've heard, "I've moved to the cloud, now I'm safe!" Nothing could be farther from the truth. In fact, a recent study of 600 organizations found that 95% had suffered some form of a cloud-related breach. We have to stop this! Listen to Episode 18 to find out how.

I like to say that once you've been hit, you can never get UnHacked. Well, let's take a look at the worst-case scenario and create a plan. Just in case.

In this episode, the hosts discuss the importance of company culture in cybersecurity. They emphasize the need for businesses to prioritize cybersecurity and create a culture that values and promotes security practices. They share stories and examples that highlight the consequences of neglecting cybersecurity and the benefits of implementing a strong security culture. The hosts stress the importance of ongoing training and education for employees, as well as the need for leadership to set the tone and lead by example. They also discuss the financial implications of a breach and the relatively low cost of investing in cybersecurity compared to the potential losses from a breach.

In a very literal sense, without the proper formula for cyber security, your business is likely to suffer an attack from which you may never recover. This episode could save the life of your business. 

I like to say, "If cybersecurity protections aren't a giant pain in the ass, you're probably not doing it right." Passwords come to mind. Super long, super complex, never use the same one twice, and change it every 30 - 90 days. That's a pain in the ass right there! But... Here's why it's important and how to keep it simple (well, simple-ish).

Your janitor has keys to your office and is expected to enter the building when nobody's home. What if they were paid to plant spy equipment on your computers? True story! How do you protect against that?!?! Well... we'll tell you exactly how!

The sad reality of cybercrime (and crime in general) is that there will always be criminals. Like I was taught when I worked as an armed guard for an armored car company: our goal is not to eradicate crime, our goal is simply to make it happen to somebody else. Cybercriminals WILL steal money. The question is: will it be YOU? Don't be low hanging fruit. Listen to this episode as we teach you how to "Make It Happen To Somebody Else".

In most episodes we talk about the devastating financial and emotional cost of a breach. This time, as far as public record goes, "The company does not expect the incident to have a material impact".A Russian state-sponsored attack on HPE (Hewlett Packard Enterprise) "targeted 'a small percentage of HPE mailboxes' used by staff in cybersecurity...." Hmmmmm. Ok...?Well, public record is what it is. That said, what can we learn? Take a listen and we'll break it down for you!

An Ontario hospital system is hit with ransomware. 20,000 appointments cancelled. 267,000 patient records leaked. 3,000 employee records leaked. That's all you've got?? Child's play! Here's a $480 million class action lawsuit to go with it. Enjoy!

Key point: It's all about the people. We are the weakest link in the cybersecurity chain. Training, policies and procedures, and 3rd party assessments are your friend.

Antonio A. Rucci is a retired Counterintelligence Special Agent and US Army Warrant Officer, with more than 39 years of technical security experience. Tony runs a private CyberSecurity Consulting Firm in Knoxville, TN performing Penetration Testing, Passive Network Assessments and Incident Response Professional Services to both private government and commercial entities throughout the country.Tony ran technical espionage and computer crimes investigations for a good portion of his operational career. He served as the Counterintelligence Operations Officer at The White House; serving two administrations from 1998-2004. He led the technical accreditation for a critical facility at one of the DOE National Labs before being recruited to move to Reno, Nevada to build a data center for one of the beltway bandits. Since then, Tony has started three of his own companies; served as the Chief Security Officer for two others; and ran Incident Response & Threat Intelligence for two others before stepping back into Private Consulting. Tony continues to serve national security efforts with his CyberSecurity Consulting Firm in Knoxville, and gets in the way a lot while Pam, his wife of 39 years, is taking care of their three beautiful grand babies!

Cybersecurity awareness training us usually an afterthought at best. The conversation is usually about securing technology. Until this changes, we will continue to be on the losing end of the battle.

Sometimes the FBI believes a security problem is bad enough that they feel justified breaking into your network to fix the problem for you. Which is a federal offense. You can go to federal prison for this. Unless you are the FBI. So... get your house in order, or roll out the red carpet for the government to come in and do it for you.

What goes on behind the scenes in the world of cybersecurity?

In the event of a breach, SOMEONE will be held accountable. Investigations, fines, lawsuits. It's never pretty. If you haven't properly protected your technology (or hired someone to do it), it's YOUR neck on the line.

One of the most overlooked steps you need to take to protect your organization.

As Russia and Ukraine both include cyber attacks in their war effort, what does this mean for the rest of us?