Douglas Nagan's Blog (11)

What You Should Do to Detect & Respond to Ransomware

I created these steps, collected from various sources and personal experience, to provide you with guidance on what you should be doing to prevent, detect and respond to ransomware and other malicious software attacks. Hope you find it useful. If you would like more information I suggest you take our course on managing cyber exposures at the Global Risk Academy…


Added by Douglas Nagan on July 20, 2017 at 9:27pm — No Comments

Vacation time is not the time to relax cyber security

I realize that many of you are enjoying the summer (at least in the northern hemisphere) and relaxing as you contemplate a vacation, this invariably will include your cyber security watchfulness. Unfortunately the cyber predators realize this and have learned to ramp up their activity during your relaxation. The graph below demonstrates how the pattern shifted from 2015 to 2016. It is too early to tell if this will reoccur this year but initial data seems to suggest that the ramp up is…


Added by Douglas Nagan on July 10, 2017 at 2:25pm — No Comments

Petya’s Lessons so far

As the latest major hack, code named Petya, gets dissected the picture is getting clearer. Especially when combined with the information in the latest Verizon DBIR report. Link here.

What this means is that if you updated your Microsoft operating system in a timely manner you are safe, as it appears that Petya is exploiting a vulnerability in Windows that was patched months ago and the virus was transmitted via a malicious…


Added by Douglas Nagan on June 30, 2017 at 7:30pm — No Comments

The June 27th Cyber Hack - First Thoughts

Computer systems from Russia to the United States were struck on Tuesday in an international cyberattack that bore similarities to a recent assault that crippled tens of thousands of machines worldwide.

Symantec has said the new attack was using the same hacking tool created by the National Security Agency that was used in the WannaCry attacks. The vulnerability was patched by Microsoft last April, but as the WannaCry attacks demonstrated, hundreds of thousands of organizations around…


Added by Douglas Nagan on June 27, 2017 at 8:33pm — No Comments

SANS 2017 Security Awareness Report - Some Thoughts

SANS has recently published its annual security awareness report (click on the link for a copy). Key is the concept of ‘security awareness’, which when combined with their Security Awareness Maturity Model provides a pathway to improved cyber security by managing the organizations cyber security culture.

Sound familiar? It should as that has been my message for years and is integral to my approach and courses. All…


Added by Douglas Nagan on June 5, 2017 at 6:00pm — No Comments

Symantec ISTR 2017

Symantec recently released its latest Internet Security Threat Report (ISTR). If you are not familiar with this report it provides a global snapshot of the state of internet threats. It examines Targeted Attacks; Email: Malware, spam & phishing; Web attacks, toolkits, & exploiting vulnerabilities online; Cyber Crime and the underground economy; Ransomware: extorting businesses & consumers; New frontiers: Internet of Things, mobile, & cloud threats.

If you want to get…


Added by Douglas Nagan on May 29, 2017 at 7:30pm — No Comments

Massive Global Cyber Attack

On Friday, as most of you know, there was a massive global cyber attack that took the form of ransomware. The cost of which is still be calculated.

When you read the articles and analysis several things stand out, which I have been advising you about for some time. The attacks exploited non technical issues. Specifically the all too human behavior that clicks on emails or links that are not secure and not doing updates to key software in a timely manner. All the security technology is…


Added by Douglas Nagan on May 13, 2017 at 3:00pm — No Comments

Cyber Security Culture Barometer

We have provided this simple self-assessment and score card free of charge in hopes that it will cause you to consider the impact that your organizations corporate cyber security culture has on your efforts to address your cyber threats and exposures.

Today the pace of change in malicious cyber events is accelerating. In the past the risks were mainly in someone gaining access to valuable information such as proprietary company information, financial records, customer credit card…


Added by Douglas Nagan on February 22, 2017 at 2:00pm — No Comments

Cyber Wack-a-mole - It's not a game

It can be all to easy to get caught in the trap of cyber wack-a-mole, where as soon as you need with one cyber threat several more appear. The link that follows will take you to a short (2 minute) video that outlines the the situation most of us find ourselves in.

Take a look. I appreciate your feedback.


Added by Douglas Nagan on October 29, 2016 at 3:16pm — No Comments

Managing Cyber Exposure vs Cyber Risk

Much effort is being expended, rightly so, in addressing cyber risks. However, it is a frustrating exercise since new risks and threat vectors are arising daily, even hourly. If you would like to stop playing cyber wack-a-mole and get on the offensive watch this video. It only takes 5 minutes and will explain why understanding and managing your cyber exposures provides a way to take the offensive.

Hope you enjoy and gain something from it.…


Added by Douglas Nagan on October 13, 2016 at 8:11pm — No Comments

Understanding Cyber Exposure

There is a weakness in cyber risk to focus on the technical issues. They are necessary but not sufficient if you want to understand and manage all your cyber exposures, which I define as the vulnerabilities that arise as a result of activity using computers and the Internet. There is a great range of these vulnerabilities that are not being addressed.

An example would be the exposures…


Added by Douglas Nagan on June 11, 2015 at 6:30pm — No Comments

Our Sponsors

Would you like to reach over 22,000 + Risk Professionals? 



Advance Your Career - Take the Global Risk Academy Courses Below

Business Exchange

If your organization delivers products and services that bring value to our members, you are welcome to join our partnership program.

Companies are welcome to setup a business profile page in our Multimedia Business Directory. You will get full control of the page and can include cutting edge possibilities – videos, adverts, presentations, white papers, job offers, Press Releases, product information, company blog, news feeds and more.


Our Knowledge Partners

Request our MEDIA KIT



Our Twitter feed

© 2017   Created by Boris Agranovich.   Powered by

Badges  |  Report an Issue  |  Terms of Service