Entries by Lawrence Strauss

What Does the SolarWinds Breach Mean?

For some perspective on the massive hack I spoke with David Byler, a Bryley trusted security advisor, “… what’s scary about this versus say the Equifax breach or the Home Depot breach is that in those the target was the customer data for that specific company. Also Equifax and Home Depot are not known as tech companies. SolarWinds is a tech company supplying tech to help tech companies manage their tech. So for them to get breached feels like this extra big thing …” [7 min. read]

Do or do not. There is no try.

“I found myself at 30 unsatisfied with the professional roles I’d had,” said Frank Walek. “I saw that every job had just kind of presented itself to me. And if I was going to do things better going forward, I’d have to start by asking, ‘what work would I actually want to do?’” [3 min. read]

The Last Line of Defense

Cybercriminals have gotten through some of the world’s best defenses. They’re often after data, corrupting it, and locking it up for payment through ransomware. No security strategy is complete until it takes the last step of protecting data with quickly available, full, uncorrupted copies of everything your business depends on [6.5 min. read]

Dark Web Coin

The barrier to ransomware entry has become so low. Ransomware is now distributed on the dark web like any other Software as a Service (SAAS, e.g. Spotify, Netflix, Dropbox). And its pricing starts at about $20 for a basic-level ransomware attack. Type “RAAS” or “ransomware as a service” in a dark web search engine. You’ll get pages of results. Most people think of hackers as geniuses. That’s far from true any more.

Mah Bad

“People are one of the weakest links” in securing technology. Still organizations invest ten to twenty times the amount to secure the equipment and networks than they invest, “ensuring all people [using the technology] understand the organization’s IT security policy, procedures, and practices [4.5 min. read]

The Truth About Your Email Host and Archiving

Whether your business is using G-Suite, Office 365 or another email server, the fine-print agreements release those providers from liability for anything happening to your email data. The reality is Microsoft, Google, etc. are liable for the infrastructure on which your data resides (i.e. if their data center goes down, they’re going to do what they can to get it back and running). They are not answerable for your data, including emails [4.5 min. read]