My Company Does Not Need More Cybersecurity

We have enough cybersecurity – I have an IT guy who knows a lot, and my gut tells me to trust him. Is that your gut? Or your heart?

Do we trust our gut for everything? Some things?

The book “The Smartest Person in the Room” by Christian Espinosa says that many IT people are very good at their jobs except for their ability to meld their mind (IT intelligence), body (gut) and heart, which means that the ability to ask for help is not in the cards for some. Christian makes the case that the soft skills are more important than the ability to work with computers.



I would like to add to Christian’s seminal work and his “Security Methodology”.

What is needed is a ‘helper’ auditor who can do some interpretation for management and help the IT staff shore things up.


The truth is that management and IT, as well as others, are not getting it done, and the headlines prove it:


Microsoft Confident Exchange hack is State Sponsored Operation

Exchange server hacks mean that small businesses may have been hacked and may still have offending code in their systems.

Initially, it was estimated that 20,000 organizations were affected by the attacks, but according to Bloomberg, that number has ballooned to 60,000 and is continuing to rise. That could be because other hackers are rushing through the door opened by Hafnium.

Lessons Learned from SolarWinds Supply Chain Hack

“According to Wheeler, SolarWinds met some of the foundation’s defensive measures. None of them prevented the successful SolarWinds attack, he said. More software hardening is needed.

The SolarWinds Orion software product is proprietary. So how can open-source coding methods help create better security?

SolarWinds followed some poor practices, such as using the insecure FTP protocol and publicly revealing passwords, which may have made these attacks especially easy, Wheeler offered in his Linux Foundation blog.”


Why do IT departments always think they can handle things even when they can’t? Are there ways to help them?

“Numerous U.S. government agencies and many private organizations that use SolarWinds Orion software were severely compromised. This was a very dangerous set of supply chain compromises that the information technology community and the open-source community must learn from and take action on, according to the Linux Foundation.”


The changing winds of cybersecurity: what do they mean? Cybersecurity always changes as new hacks are developed by criminal and nation-state hackers.

Your processes to defend your devices and systems will need to change as the threats change. How is that best accomplished?


One way to cover your bases is to read the book I have put together: "Too Late, You're Hacked – Defending Your Small Business' Computers and Networks"



What does EOL mean? End of Life (EOL) for software is what happens when the software will no longer be updated, which means attackers can attack the old software at will until you upgrade the whole system.

