Bryley Information & Tips · October 2021
Assessing Risk Helps Ensure Business Continuity
No construction company would undertake a building without first evaluating and then understanding how it will handle the project’s risks. But that is how a lot of Information Technology is executed. Does that make sense? Think for a moment how much of your employees’ livelihoods and the services and products your organization provides depend on networked computing. Isn’t that how you store and access your intellectual property, client information and business processes?
And do you keep building higher, putting more strain on the network? For instance does an Internet-of-Things machine need to be granted access to your network? Or does someone’s personal device need to log-in to your system?… [5 min. read]
President Garin Livingstone on Cybersecurity
In recognition of cybersecurity awareness month Bryley President Garin Livingstone was invited to speak with Hank Stoltz on the Worcester Chamber’s WCRN radio program Voice of Business. … [3 min. read]
Ethan Brush Promoted to Senior Field Technician
Ethan Brush has been promoted to Senior Field Technician. Ethan will be assuming more responsibilities immediately, including training new hires.
He started at Bryley earlier this year after graduating from Norwich University, a senior military college in Northfield, Vermont, an NSA-designate for Excellence in Cyber Defense. And he arrived at Bryley with programming skills that were tapped to improve Bryley’s automation. Also security is always his foremost concern when making a decision for Bryley’s clients. These are among the reasons for his promotion …
Tech News Mixtape
Stories at the intersection of business and technology
Researchers at the Universities of Birmingham and Surrey discovered a vulnerability when a person pairs a Visa card with the iPhone’s Apple Pay service. “An attacker only needs [access to a] powered on iPhone. The transactions could be relayed from an iPhone inside someone’s bag, without their knowledge.” MasterCard and Amex seem immune to this (as is Visa on either Google Pay or Samsung Pay) … thehackernews.com
At the Wall Street Journal’s Tech Live event Sarah Guo a partner in the venture capital firm Greylock said that the pandemic forced so much business and socializing to the web that there’s been a rush to provide code to meet these needs. “Insecure computing is growing faster than security … for society this is a fundamental problem,” she said. Each new feature or line of code potentially creates a new vulnerability Guo said. “Consumers and businesses are not necessarily taking it as seriously as they need to”… wsj.com (paywall)
A whale of a study has uncovered how phishing campaigns really work. They last only twenty-one hours. There are so-called-by-the-researchers “golden hours” when most people are clicking. These hours occur before the anti-virus softwares start giving alerts NINE HOURS! after the attack starts. The study offers recommendations about how to shorten that response time. For example 1 a lot of phishes also contain links to legitimate content like a logo. When an attack is revealed to the business being spoofed, they are advised to change the assets that the phishing email is linked to (e.g. a logo file’s name can instead point to a warning) … zdnet.com
Don’t forget to control your privacy settings. Your first stop should be Google, because it witnesses and stores a lot of our lives. “Google searches can leave clues about your illnesses … its Maps tools can collect your comings and goings.” And start at Google’s Activity Controls page where you can set the toggle to off … washingtonpost.com
Note: The Tech News Mixtape section is Bryley’s curated list of external stories – stories on the internet that we found helpful. Bryley does not take credit for the content of these stories, nor does it endorse or imply an affiliation with the authors or publications in which they appear.
1 This tactic is made clear with a real-life case at https://blog.knowbe4.com/phishing-golden-hour
Is This the Year You Take Cybersecurity Seriously?
Get Information You Can Count On
Bryley Systems’ Information & Tips newsletter arrives monthly in your email box. It’s a New England-based resource, in continuous publication since 2000.
Subscribe free, below. Unsubscribe any time via the link at the bottom of each newsletter.
And be assured: in more than twenty years, Bryley’s subscriber list has not been shared with any third-party and will not be in the future. Bryley’s Privacy Policy can be found here.
∗ indicates a required field