Ssn 2 Ep 5: Warning Lights

Signs your computer is having problems—and what those signs might mean

:35: Your computer is suddenly going really slow—what’s up with that?

:50: Drive failure and rebuilding your computer, should performance be comparable to what it was before, with a new drive?

2:30: What happens to your computer when you install and uninstall programs too frequently?

3:16: Microsoft’s feature releases for Windows 10 vs. service packs or patches and the impact on your computer’s performance

4:36: Brief discussion of Windows 11 release and a user’s current TPM (Trusted Platform Module)

5:38: Other reasons why your computer might be going slow due to malware

6:05: Using task manager to figure out where an issue of sluggishness might be coming from

10:12: Case study of a company whose system was running sluggish and discovered a trojan horse style virus

12:03: With upgrades to system software, performance naturally goes down

12:16: How long does the average computer last, in a business setting?

13:25: How does an IT manager make the decision of when to replace computers (preferably before they die)?

13:54: Monitoring the age of your computers and the lifecycle of those machines

15:22: Moving quickly when you begin experiencing degradation of performance

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at www.voices.com

You’ll find the downloadable version of these show notes at: https://EastAtlanticSecurity.com/ then navigate to the Cyber Savvy Café page

Ssn 2 Ep 4: Lock it Down

Protecting your data.

Ssn 2 Ep 3: Recognize This?

The 10 Most Common Passwords—Is Yours on this List?

In today’s episode, we have fun discussing the 10 most common passwords and safe (and unsafe) password practices. We take a look at how cyber-criminals hack unsecure passwords and review best practices for password safety.

Most Common Passwords: 2021 Latest Statistics

https://cybernews.com/best-password-managers/most-common-passwords/

1. 123456
2. 123456789
3. qwerty
4. password
5. 12345
6. qwerty123
7. 1q2w3e
8. 12345678
9. 111111
10. 1234567890

:46: How common is it for people to be using easy-to-guess, common passwords?

2:41: Let’s dive in to the top 10 passwords: sequential digits and patterns

5:41: Password safes—what they are and how to use them

9:01: Why is a password safe more secure than using your browser to remember your passwords?

9:09: The problem with browsers

10:16: How do you know if you’re running plugins or extensions—how do you locate those easily and disable them?

12:24: What about Chrome apps?

13:16: The most popular years that are used in passwords

13:52: Using significant years in your passwords and social engineering

14:25: Favorite name as a password, common sports, common cities, and the most popular cusswords

14:55: Password length—how using the most commonly used lengths can help hackers break in

16:00: What is brute force, and how exactly do hackers break in?

16:45: How long does it take to crack a 24-character password with today’s technology?

17:08: Online tools that test your password strength: DON’T USE THEM!

18:45: How often should you change your passwords?

19:00: Multi-factor authentication

19:37: In summary, best password practices reviewed

20:05: Other threats, phishing attacks, SIM swapping, and the use of authenticator apps.

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at www.voices.com

Ssn 2 Ep 2: 3 Reasons Why Remote Workstations are the Target, Pt 2

Remote working has been on the rise in recent years and exploded in 2020 during the pandemic. Find out why remote workstations are a popular target for hackers--and what you need to do to protect the corporate network from a breach through this mostly-unprotected back door.

The conclusion...

Show Notes

SHOW NOTES

1:17: Next step after segmentation, a Zero Trust approach to network security

1:45: The big topic of Phishing—still the #1 way of breaking into your network

3:07: Keeping phishing issues top-of-mind with phishing simulations.

4:06: Inevitably, someone in your company is going to click on something and is going to get infected. Are you going to be able to stop the lateral movement and stop it from spreading to other machines

4:40: Limited accessibility so employees have access only to the things they need

5:20: Zero Trust technology helps mitigate this

5:30: Multifactor authentication

5:45: How to prioritize the things that need to be handled first

6:00: Running a Risk Assessment

7:42: More about Phishing and Acceptable Use Policies

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

 Voiceover Artist: Paul Kadach at www.voices.com

Ssn 2 Ep 1:

Top 3 Issues that Make Remote Workstations a Juicy Target and How to Solve Them, Pt 1

Remote working has been on the rise in recent years and exploded in 2020 during the pandemic. Find out why remote workstations are a popular target for hackers--and what you need to do to protect the corporate network from a breach through this mostly-unprotected back door.

SHOW NOTES:

:47: Let’s define what we mean by “remote working”.

1:18: We were working remotely for years before the pandemic, but remote working has changed since 2020.

2:36: We’re making an assumption that people are working on a company-provided equipment that’s managed by an IT dept.

3:43: Why do remote workstations put corporate networks at greater risk than a traditional office environment?

3:50: Discussion of article about a number of laptops that were unknowingly infected with malware, and what happened when those laptops went home during the pandemic.

4:43: What are the top 3 reasons why remote workstations are a hot target?

4:55: Number One, No corporate firewall.

6:23: Discussion of best practices—and inherent dangers—when setting up your router, setting the password, and hiding the SSID.

9:25: What do people need to do in order to know if their firewall is secure?

10:00: If you have employees working remotely, what do you need to do?

10:59: What if your employees are working remotely using public wi-fi?

Downloadable pdf from media.defense.gov, "Securing Wireless Devices in Public Settings":

https://media.defense.gov/2021/Jul/29/2002815141/-1/-1/0/CSI_SECURING_WIRELESS_DEVICES_IN_PUBLIC.PDF

12:34: VPNs and inherent challenges. What is an “always on” product?

14:18: Number Two: Segmentation; dividing your network into separate networks that don’t allow lateral movement, and what is lateral movement?

16:10: What happens if you’re not segmented and your VPN is activated?

17:20: Discussion of an article about hackers who targeted government employees through an active online aerobics presence.

18:45: How much effort and time are hackers willing to put into gaining access into your network?

19:00: Discussion of today’s hackers. Gone are the days of the solitary hacker working out of a basement.

20:20: Discussion of a guy that built a machine for reverse hacking and how he uses it.

End of Part 1. Catch Part 2 for the rest of the discussion!

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at www.voices.com

You’ll find the downloadable version of these show notes at: https://EastAtlanticSecurity.com/cyber-savvy-cafe/

Ssn 1 Ep 24

Is Your Refrigerator Running? IoT on the Move

Did you know those smart devices are hackable? Learn how to enjoy the advantages of modern IoT without compromising the security of your network.

SHOW NOTES

1:54: If a device is just Bluetooth connected, is it still considered a “smart device” and could it be hacked?

2:50: How can you improve your office environment with IoT devices and do so safely?

3:04: Some of the top reasons why businesses would consider using IoT devices in the office.

6:06: Alexa for Business

7:56: Some of the security risks with IoT.

8:15: Patching and updates.

9:36: Percentage of cyber attacks using IoT devices and number of households and offices that have IoT.

11:05: Come up with a plan to segment your network so you can use IoT safely and test it on a regular basis.

12:10: Let’s talk about the smart coffee machine that got hacked (in a test environment).

14:04: What does “out of the box” mean in relation to IoT devices and how do you configure your settings.

14:42: A lot of these devices have manufacturer defaults—and how a cyber criminal can capitalize on those.

16:26: Is there a way to make your IoT devices non-searchable?

17:25: If you’re at work and not checking your notifications, how someone could hack into your IoT devices before you can stop them.

17:43: How a refrigerator could be used for a Distributed Denial of Services attack (DDOS).

19:30: Everything comes with a cost; convenience and privacy issues.

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at www.voices.com

Ssn 1 Ep 23

Shopping Online

 Avoiding the common security pitfalls of online shopping, and desktop vs. mobile security issues.

SHOW NOTES

:52: What are the potential pitfalls in placing orders on your smart phone?

2:41: If you are already signed onto Amazon on your smart phone and someone gets ahold of your phone, can they gain access to your payment information on your Amazon account?

3:59: Amazon is fairly safe to use, what about an online company you’ve never purchased from before—protocols for entering payment information and purchasing safely on your smart phone.

5:20: Is your desktop a more secure environment to purchase from than your smart phone?

6:43: Using paypal or venmo with your smart phone.

7:40: Case incident of how easily you can pick up a virus or malware on your phone.

9:37: Case incident of an ad company that the Weather Underground app was using, that was pushing unwanted downloads to Weather Underground’s users.

12:40: Basic recommendation for safe online shopping.

13:35: Discussion of PayPal usage on your phone.

13:50: Alerts from PayPal and Amazon if someone is trying to log in from unusual geographic locations.

15:18: Brief review on current protocols for safe passwords and multi-factor authentication.

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at www.voices.com

You’ll find the downloadable version of these show notes at: https://EastAtlanticSecurity.com/ then navigate to the Cyber Savvy Café page

Ssn 1 Ep 22

Knock Knock, Who’s There?

How security awareness training and phishing simulations can save your business from a catastrophic breach.

SHOW NOTES

1:01: Let’s talk about why security awareness training is so important and how many businesses may or may not be doing that already.

1:48 Your employees are the first line of defense in your organization.

2:19: Phishing is now the primary access point into your network, discussion of changes in company security over the years.

3:10: The importance of phishing simulations and follow-up training.

4:33: How does a company find cyber awareness training?

5:16: How do you measure the success of a cyber awareness training program?

6:10: The importance of documentation in providing cyber awareness training.

6:18: Most cyber security insurance requires cyber awareness training, check your policy to make sure you’re in compliance with your insurance company’s requirements.

6:48: What kind of time investment is needed when providing cyber security awareness training?

8:19: How ongoing awareness training keeps phishing threats front-of-mind.

9:00: Going back to cyber insurance, are you in compliance, what happens if you’re not, and making sure you’ve checked all the boxes to keep yourself secure.

11:52: What happens after a hack, what your insurance company will do to investigate the breach.

13:00: Two areas to watch out for: a false sense of security that you have insurance and you’ll be covered in case of a breach, and failure to provide cyber awareness training for your staff.

13:18: The easiest thing to do to prevent a breach.

14:01: What steps to take to begin training your staff.

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at voices.com

You’ll find the downloadable version of these show notes at: https://eastatlanticsecurity.com/cyber-savvy-cafe/

What happens to your data after a breach?

Ssn 1 Ep 20

Don’t Bother Me: Why You’re Not “Too Small” to Be Noticed

Why small businesses are desirable targets—and why cyberattacks against SMBs are on the rise.

SHOW NOTES

:46: Alarming statistics of cyber attacks against small businesses.

1:15: What are Denial of Service attacks?

2:42: Why do hackers bother with small businesses? How lucrative could that be?

3:30: No one is 100% secure; if someone wants to breach your network, it’s just a matter of time until they do.

4:15: Big paydays vs. smaller, easier prey.

5:06: How can you estimate what a cyberbreach might cost, were you to get breached?

7:15: 60% of businesses never recover from a single cyberattack, discussion of the cost of a breach.

8:07: What makes small and medium businesses such easy prey?

9:27: Discussion of cyber insurance and what you can expect should you be breached.

12:13: Top things you need to be doing in order to prevent a cyberattack

12:30: Cyber awareness training for your employees.

12:56: Understand your risk profile.

13:40: Acceptable Use Policies

14:30: Story about leaving a review on Google Play Store and receiving an email from, supposedly, the developer of the app.

16:23: Any time you receive a link you have to make sure the link is going to the right place before clicking on it.

16:52: Example of how cyber awareness training can keep cyber security risks front-of-mind to your staff.

18:10: How ransomware attacks occur.

 If you’d like to hear us cover a topic you’re interested in, contact us! Leave a message on our website, or on our podcast page at Spotify, iTunes, or Google Podcasts.

Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ https://EastAtlanticSecurity.com/

Voiceover Artist: Paul Kadach at www.voices.com

You’ll find the downloadable version of these show notes at: https://eastatlanticsecurity.com/cyber-savvy-cafe/