Up Times • Feb. 2023

Business Continuity Mixtape – Bryley-curated stories from around the internet:

From the insurance industry perspective, Joseph Brunsman of Chesapeake Professional Liability Brokers explains the value of a managed IT service provider: if a vulnerability comes out through CVSS that has a score of eight or greater your business has fourteen days to implement that patch or you could effectively have zero cyber insurance moving forward. (CVSS stands for Common Vulnerability Scoring System; it’s the US governmental ratings of vulnerability severity.)

Brunsman goes on to explain how patching ain’t easy – on the contrary, it is easy to break something when a vendor issues a patch that conflicts with other hardware or software (that’s why Bryley vets patches thoroughly) … [14 min. video] youtube.com

As shown on Bryley partner SonicWall’s Live Attack Map, it’s maybe easier to get a sense of the reality and severity of the cyberwar we’re in, the frequency of bombardment we face – especially in the northeast United States. Who can really calculate the toll this continual state of war demands? sonicwall.com

There’s been a significant victory in our cyberwar as the FBI and Europol announced the shutting down of ransomware gang Hive’s website/dark web portal and obtained decryption keys that freed victims from paying $130 million dollars in ransom. Hive is notorious for its attacks on US and European infrastructure, schools and hospitals … [5 min. read] hackread.com

Bryley partner Barracuda wrote about the recently-issued warning from the FBI concerning SIM-swapping fraud. SIM-swapping is when a criminal armed with your compromised personal information contacts your cell-phone carrier claiming to be you. The impersonator tells them your phone (with its changeable SIM chip) is lost. They ask the mobile carrier to link user account details to a new phone with a new SIM card … [Now] with full access to mobile accounts, attackers can extend social engineering efforts to [your] text and email contacts [using your familiar number, so your contacts will trust it’s you]. They may also be able to directly compromise banking and e-commerce accounts if users have linked these accounts to their mobile numbers. Phone numbers are often tied to crypto accounts, so you can imagine how devastating this can be.

The remedies Barracuda suggests include containing the public exposure of your information like on social media, having secure passwords and using a stronger form of MFA … [5 min. read] barracuda.com

The classroom of the future as suggested by Dall-e image generator.

To paraphrase my mother, ‘there’s lots of brilliance in the world,’ but at the moment Ian Leslie offers welcome level-headed wisdom. This week he answered the recent artificial-intelligence-breaking-education buzz like this: curiosity is not a function of ignorance but of information. We need to know something about a topic in order to be aware of what we don’t know. Then the more we know, the more we understand, the more we want to know. We talk about ‘sparking’ curiosity, but sparks are useless without kindling. Rather than quenching curiosity, facts are the logs we throw on the fire. (By ‘facts’ here I mean knowledge or content more generally) … [7 min. read] ianleslie.substack.com (paywall)

^{Note: The Mixtape section is Bryley’s curated list of external stories. Bryley does not take credit for the content of these stories, nor does it endorse or imply an affiliation with the authors or publications in which they appear.}