An Angel in the Firestorm

AFP_T87MX

An Angel in the Firestorm

My wife and I were abruptly woken up at 1:20 AM on Monday, October 9th by a lady driving down the street screaming and honking “Get Out Now!! There is a fire behind your house.” That lady is our angel – she literally saved our lives, as well as the lives of our neighbors.  She wasn’t even from our neighborhood.  We didn’t know her. But her consistent honking and screaming woke up our entire neighborhood.  Her house was burning nearby, but she took her time to drive up and down the streets repeatedly.

We returned the next morning to find that literally everything we owned, and the entire neighborhood was destroyed by the fire.  In fact, most of Santa Rosa as I knew it had been destroyed.  After the first few days of outrunning the still burning fires and dense smoke, we found temporary housing.  Then we posted on Facebook to see if we were connected to anyone that knew her name.  Eventually we were able to find her name and we gave her a call the following week.

We told her our story.  We thanked her for saving our life.  There were many tears shed on that 30 minute phone call.She told us that even though she knew her house was gone, she felt that she owed it to our neighborhood to let people know.  She had only lived in Santa Rosa a short while, but she said that she has never felt a stronger sense of community.   Her exact words were “This community has been so great that I felt obligated to do it.  It was my duty….actually my privilege.”

What is your duty?

This lady did not have a duty to drive up and down our streets, but she knew the need.  It was her privilege to go beyond just taking care of herself.

Business application:  

Sometimes we get so busy at work, that we just put our head down and rapidly go through our “to do” list.   And then “IT” happens…. The phone rings and it is a customer with a problem. Customers are people. They are not interruptions.  They are people with real needs and requests.  If you cash a paycheck, it is because your company has customers.  It is a privilege to have a customer call with a request.  Wouldn’t it be wonderful if we all could take just a moment longer and put ourselves in someone else’s shoes?  I bet we would spend less time reading the policy manual to find reasons why we “can’t,” do something – and we would take a little more time and try to figure out how to make it happen.

When a customer calls with a problem, it may be your duty (job description) to take of them.  But it also may be your privilege!

To find out more about Top Speed Data Communications, contact me at Steve@TopSpeedData.com 

Security Is Complicated

Ddos3.png

So far in 2017, 67% of organizations reported an increase in security incidents. 57% said the rise of incidents is due to more attacks, and 73% believe the attacks could have been better identified or prevented.  Over-complication of security can be an issue.  65% of organizations use anywhere from 6, to more than 50 different security products.  Sometimes with the false hope that layers upon layers of security will keep them safe.

26% of security professionals say they operate in reactive mode with ad hoc approaches to security operations and response.  Many firms that have multiple security products also suffer from budgets issues, system compatibility and a lack of skills.

  • 44% of security alerts are not investigated
  • 54% of legitimate alerts are not remediated.

Obstacles for business organizations:

  • Budget: 35%
  • Compatibility Issues: 28%
  • Lack of trained personnel: 25%
  • Certification requirements: 25%                                                                                        

Traditional concerns remain, while new threats continue to grow:

  • Large scale industrial IoT hacks will increase dramatically in 2018.
  • Ransomware attacks are up 250% in the first half of 2017 at 218,625 incidents compared with 61,832 in all of 2016.
  • Adware infected 75% of organizations.
  • 65% of email is spam, 8% of spam is malicious.

In 61% of organizations, 30% of their systems were impacted during a security breach.  These systems were down from 1 to 8 hours for 65% of those organizations.  The next 12-18 months will be a critical time for organizations to fill their security holes or risk becoming a victim of cybercrime that is likely to cause significant damage to the profitability of their company.  Businesses need to start thinking about protecting their digital assets even more securely than they protect their physical assets.  The time is now to realize that the lock on their front door is no longer their most important security feature.

Actions to Take in Response to WannaCry Malware...

Since the perpetrators of the “WannaCry” cyberattack have not yet been caught, experts warn that there could be a second wave coming. To protect your systems, here are some immediate actions to take:

1. Install all Microsoft security patches. 
For those of you who rely on employees to update their own systems, this would be a good time to verify compliance. This malware (or any other malware for that matter) can sneak into your network as soon as one of these infected systems connects. Once there, it can spread to other unprotected systems and devices.


2. Backup critical data to an unconnected device. 
This ensures that even if your systems are unresponsive, you will have data to reload once the problem is addressed. However, it’s important that you disconnect your backups from the network to prevent the spread of the malware to your backup systems.


3. Deploy antimalware and malware signatures associated with this threat. 
These can be found on the Department of Homeland Security website. TierPoint is available to help our clients if needed.


4. Refresh your counter-phishing policies and training. 
The current speculation is that the malware was introduced via phishing emails. If there is a second wave, it will most likely take the same route. Make sure all employees are trained to recognize suspicious emails, know how to (not) respond to them, and have a method for reporting them to your security administrators.


5. Create a ransomware response plan.
If you are hit with a ransomware attack and are unprepared, there are a number of immediate decisions you will need to make including whether or not to pay the ransom (most experts say no), how to interact with law enforcement, and what information to release to the public. We highly recommend working with a law firm experienced in creating such plans to ensure all your bases are covered.

Republished from an article 5/17/17 by Paul Mazzucco, Chief Security Officer who is responsible for all TierPoint corporate security standards.

To find out more about increasing your network security, contact me at Steve@TopSpeedData.com – or visit us at our NEW WEBSITE – www.TopSpeedData.com