Douglas Nagan's Blog (16)

Secondary Cyber Exposure - What is it and should you care?

Virtually all cyber exposure programs today are directed at addressing the cyber exposures an organization faces from its own resources and activities and from outside sources. This is necessary but not sufficient.

Why? Because most organizations also face secondary cyber exposures that they are neither aware of nor prepared to address. For example, many organizations do not manage or own their own properties but inhabit facility space managed by someone else. That someone, generally…


Added by Douglas Nagan on November 10, 2017 at 8:00am — No Comments

Feeling Helpless and Angry

Having just completed a phone call, I am feeling helpless and a bit angry. Why? Because the call was from a friend and colleague whose company just had a ransomware attack. It was successful, and they are faced with either paying the ransom or facing a total disruption of their business model and taking a major hit to their corporate reputation as they slowly work their way out of the mess.

Why Helpless? Because the damage is done. If they had taken our courses on managing cyber…


Added by Douglas Nagan on October 24, 2017 at 2:12pm — No Comments

Managing your Cyber Exposure – Ransomware is ramping up

Now that vacation time is over in the Northern Hemisphere, did you relax? Unwind? Clear your mind?

Well, I sure hope so, because the cyber predators have been setting new clickable traps and sending devious emails to greet you on your return. Also, in your absence, cyber predators continued to launch millions of attacks daily across the globe. And many involve ransomware.

The emergence of ransomware is simple to explain. It can be obtained free or easily made. It has a high…


Added by Douglas Nagan on September 14, 2017 at 10:30pm — No Comments

Managing your Cyber Exposure – Ransomware is ramping up


Added by Douglas Nagan on September 11, 2017 at 7:00pm — No Comments

US Senate Cyber Security Bill

The United States Senate earlier this week introduced a bill with the short title “Internet of Things (IoT) Cybersecurity Improvement Act of 2017”. Quite impressive sounding and would have been very useful if it did indeed provide a path to improved cybersecurity for the IoT. Having read the bill I can tell you that, in my opinion, you will gain little confidence that it will improve your own cyber security.

Several things are clear from my reading:

  • Some in the US…

Added by Douglas Nagan on August 3, 2017 at 1:58pm — No Comments

What You Should Do to Detect & Respond to Ransomware

I created these steps, collected from various sources and personal experience, to provide you with guidance on what you should be doing to prevent, detect and respond to ransomware and other malicious software attacks. Hope you find it useful. If you would like more information, I suggest you take our course on managing cyber exposures at the Global Risk Academy…


Added by Douglas Nagan on July 20, 2017 at 9:00pm — No Comments

Vacation time is not the time to relax cyber security

I realize that many of you are enjoying the summer (at least in the northern hemisphere) and relaxing as you contemplate a vacation; this invariably will include your cyber security watchfulness. Unfortunately, the cyber predators realize this and have learned to ramp up their activity during your relaxation. The graph below demonstrates how the pattern shifted from 2015 to 2016. It is too early to tell if this will reoccur this year, but initial data seems to suggest that the ramp up is…


Added by Douglas Nagan on July 10, 2017 at 2:25pm — No Comments

Petya’s Lessons so far

As the latest major hack, code-named Petya, gets dissected, the picture is getting clearer, especially when combined with the information in the latest Verizon DBIR report.

What this means is that if you updated your Microsoft operating system in a timely manner you are safe, as it appears that Petya is exploiting a vulnerability in Windows that was patched months ago and the virus was transmitted via a malicious…


Added by Douglas Nagan on June 30, 2017 at 7:30pm — No Comments

The June 27th Cyber Hack - First Thoughts

Computer systems from Russia to the United States were struck on Tuesday in an international cyberattack that bore similarities to a recent assault that crippled tens of thousands of machines worldwide.

Symantec has said the new attack was using the same hacking tool created by the National Security Agency that was used in the WannaCry attacks. The vulnerability was patched by Microsoft last April, but as the WannaCry attacks demonstrated, hundreds of thousands of organizations around…


Added by Douglas Nagan on June 27, 2017 at 8:33pm — No Comments

SANS 2017 Security Awareness Report - Some Thoughts

SANS has recently published its annual security awareness report (click on the link for a copy). Key is the concept of ‘security awareness’, which, when combined with their Security Awareness Maturity Model, provides a pathway to improved cyber security by managing the organization's cyber security culture.

Sound familiar? It should, as that has been my message for years and is integral to my approach and courses. All…


Added by Douglas Nagan on June 5, 2017 at 6:00pm — No Comments

Symantec ISTR 2017

Symantec recently released its latest Internet Security Threat Report (ISTR). If you are not familiar with this report, it provides a global snapshot of the state of internet threats. It examines Targeted Attacks; Email: Malware, spam & phishing; Web attacks, toolkits, & exploiting vulnerabilities online; Cyber Crime and the underground economy; Ransomware: extorting businesses & consumers; New frontiers: Internet of Things, mobile, & cloud threats.

If you want to get…


Added by Douglas Nagan on May 29, 2017 at 7:30pm — No Comments

Massive Global Cyber Attack

On Friday, as most of you know, there was a massive global cyber attack that took the form of ransomware, the cost of which is still being calculated.

When you read the articles and analysis, several things stand out, which I have been advising you about for some time. The attacks exploited non-technical issues. Specifically, the all-too-human behavior of clicking on emails or links that are not secure and not doing updates to key software in a timely manner. All the security technology is…


Added by Douglas Nagan on May 13, 2017 at 3:00pm — No Comments

Cyber Security Culture Barometer

We have provided this simple self-assessment and score card free of charge in hopes that it will cause you to consider the impact that your organization's corporate cyber security culture has on your efforts to address your cyber threats and exposures.

Today the pace of change in malicious cyber events is accelerating. In the past the risks were mainly in someone gaining access to valuable information such as proprietary company information, financial records, customer credit card…


Added by Douglas Nagan on February 22, 2017 at 2:00pm — No Comments

Cyber Whack-a-mole - It's not a game

It can be all too easy to get caught in the trap of cyber whack-a-mole, where as soon as you deal with one cyber threat several more appear. The link that follows will take you to a short (2 minute) video that outlines the situation most of us find ourselves in.

www.naganresearchgroup.com/CWAM.mp4.

Take a look. I appreciate your feedback.

Thanks.

Added by Douglas Nagan on October 29, 2016 at 3:16pm — No Comments

Managing Cyber Exposure vs Cyber Risk

Much effort is being expended, rightly so, in addressing cyber risks. However, it is a frustrating exercise since new risks and threat vectors are arising daily, even hourly. If you would like to stop playing cyber whack-a-mole and get on the offensive, watch this video. It only takes 5 minutes and will explain why understanding and managing your cyber exposures provides a way to take the offensive.

Hope you enjoy and gain something from it.…


Added by Douglas Nagan on October 13, 2016 at 8:11pm — No Comments

Understanding Cyber Exposure

A weakness in cyber risk is the focus on the technical issues. They are necessary but not sufficient if you want to understand and manage all your cyber exposures, which I define as the vulnerabilities that arise as a result of activity using computers and the Internet. There is a great range of these vulnerabilities that are not being addressed.

An example would be the exposures…


Added by Douglas Nagan on June 11, 2015 at 6:30pm — No Comments
