Channel: Cyber Security Consultant – Mike Foster, CEH, CISA, CISSP

Protect Yourself and Your Organization – New Ransomware Outbreak with Added Poison

A new strain of ransomware, dubbed Petya, is gaining momentum infecting companies and home users. Worst of all, in addition to holding files ransom until you pay up, it appears to be infiltrating corporate networks to steal usernames and passwords too. Be sure that you:

1. Apply the most recent security patches including the ones for Flash and Java.
2. Use click-to-play in your browsers to stop them from automatically running scripts.
3. Be sure all users are local standard users.

Find more details at https://www.fosterinstitute dot com/blog/patching-10-steps-to-seal-the-holes-in-your-armor/

Please forward this to your friends and business associates so they can be sure that they are protected too.


The UK Is Preparing to Attack Hackers with Army, Navy and Air Force.

The UK is preparing to attack hackers with Army, Navy and Air Force.

Sir Michael Fallon, the UK’s defense secretary, warned attackers that the UK will hunt them down, and respond not just in cyber-space, but also using air, land, and sea forces.

Imagine soldiers, drones, and even missiles directed at anyone the UK identifies as a cyber-criminal.

Will attackers receive this as a deterrent? Or will attackers respond: “You realize, of course… This means war!” (Bugs Bunny cartoons).

You can read more details at www.bbc dot com/news/uk-politics-40423164

Recover Quickly if Ransomware Attacks at Remote Worker and Home Computers

Ransomware is a common problem. If an attacker encrypts all your files and demands that you pay ransom to unlock your files, you will want to be able to recover quickly. Regular backups are not enough.

Regular backups, including file backups, can do a great job of protecting your documents, pictures, and other files. But a full restore of a computer after an attack can take a very long time, and often requires you to reset the computer to factory defaults and spend hours reloading your programs.

If you need to restore after an attack, restoring an entire image is much faster than starting a re-installation from scratch. Disk images are a one-to-one copy of everything on your computer’s internal hard drive. Most often, you will replicate your drives to an external USB hard drive.

Image backup tools include ShadowProtect Desktop from StorageCraft, and Acronis True Image. For Macs, use Carbon Copy Cloner.

Keep using whatever backup method you already use for backup too. Image backup is an addition, not a replacement.

Please forward this to everyone you know who would like to be able to recover their computer quickly in the event of a ransomware attack.

 

Fix A Computer in Minutes and It Works Almost Every Time

I was stranded in the Portland airport last night because of a mechanical failure on the first flight. You’ve had similar situations for sure. What would your travel experience be like if the airlines could immediately reset a plane to be brand new if it breaks?

With computers, you can be up and running ASAP. Unless there is something broken with the computer’s hardware, a broken computer can be revived in just a few minutes.

In order for this to happen, ask your IT department (if they haven’t already) to create a golden image.

First they will set up a computer and configure it exactly the way it needs to be for your business – and you could do this for home computers too. Second, make an image backup of the computer. Recommended tools are below.

Now, you have a golden image, configured in the way you like with all the right software installed, etc., that can be restored to a computer to reset the computer to be like new again.

From now on, whenever you suspect that a computer is infected with a virus, has been hacked, or is just malfunctioning in general, do not troubleshoot it. Dump a golden image back onto the computer and refresh it to be like new.

Note: All the data will be overwritten when you restore the image. So, for personal computers, be sure to back up the data prior to restoring an image. At the office, all users store their data files on servers, not on workstations, right?

You may find that your IT team can create a single golden image that can be used on different models of computers, or they may need to make separate images for each model. If you use a technology called VDI, this is even easier. VDI is a different topic though.

Image backup tools include ShadowProtect Desktop from StorageCraft, and Acronis True Image. For Macs, use Carbon Copy Cloner.

Please forward this to everyone you know who troubleshoots a computer if it is acting up. There is another way, and troubleshooting may not be able to completely remove a virus if the computer is infected anyway.

Hacker Convention Starts Later This Week

Expect to see an increase in interesting news stories about what can be hacked this week. The big hacker convention DEFCON starts this week and lots of new announcements will be made as part of the program.

If you will be in Vegas, leave your laptop and phone at home – lest you end up on the infamous wall of shame for being hacked. The website is defcon dot org

Moms, Dads, and Friends: Take 7 Steps to Secure Your Students’ Computers

School is starting again and many students need computers. Take these important steps to help make them more secure:

In addition to how they back up now, they also need to perform image backups that will back up everything, even programs, so that restore operations can go quickly and not interfere with schoolwork. Image backup tools include ShadowProtect Desktop from StorageCraft, and Acronis True Image. For Macs, use Carbon Copy Cloner.

Be sure the “automatic update” feature is turned on in Windows and in Mac OS. Students must have the critical security patches installed to dramatically increase security. They’ll need to patch their browsers separately.

Uninstall all programs that they don’t think they will use. Start with the programs that are easy to recognize and skip the rest for now. Each program is a potential toe-hold for an attacker to gain access to a system. Worst case, if they delete something now that they need later, they can re-install it. In particular, remove Java and Flash. These are two tools that are frequently hacked and may be unnecessary. If a student finds they need either, he or she can reinstall them with the newest version. Make sure they get Java only from java dot com and Flash from get.adobe dot com/flashplayer/

Make sure they make their user account a “standard user” on their computer. This helps block attackers. Steps for Windows and Mac: 1) Create a new user 2) promote that user to be a local administrator 3) Demote your account to a standard user and use your own account.

Turn on two-step verification on all the websites they visit. The setting is usually in the security settings of the website.

They need to keep their computer physically secure. Someone could access their files, social media, and e-mail accounts easily and without their knowledge. Passwords aren’t that helpful. It is usually trivial to bypass passwords on computers once an attacker gains physical access to a computer.

And though they may not heed this last step, it is a really good idea to avoid connecting to Wi-Fi services at school, coffee shops, etc. It is better if they use their phone or personal hot-spot to connect their computer to the Internet when they need to. The phone charges may be lower than you expect, especially if you call your phone provider and check about new data plan options.

Please forward this to your friends who have students; it can help prevent some big heartaches.

Make Life Easier – Go Back to Easy Passwords

NIST, the National Institute of Standards and Technology in the US, is releasing new password standards that make passwords so much easier…

Using plain letters is enough; numbers and symbols are optional.

Passwords need to be long, at least 8 characters. 16 or more is better.

You don’t have to reset passwords unless you suspect a data breach. Wow!

However, passwords cannot match a database of stolen or easy to guess passwords. And, your login mechanism has to have a way to verify that.

That’s the basic gist. You can read the details in the NIST Special Publication 800-63 at https://pages.nist dot gov/800-63-3/sp800-63-3.html. It covers secret questions, two-step login, etc.

Now, hopefully PCI and other standards will update their rules too.

Please forward this to anyone who is sick of complicated passwords and having to change them every 90 days.
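As an added example (not part of the original newsletter), here is one way a login mechanism could enforce the rules summarized above: a length floor of 8, no composition requirements, and rejection of passwords found on a blocklist. The repetitive/sequential and username checks follow the same NIST publication and go beyond what the article lists; the blocklist contents, function names and reason codes are assumptions made for illustration.

```python
import unicodedata
from dataclasses import dataclass, field

MIN_LENGTH = 8            # floor stated in the article
RECOMMENDED_LENGTH = 16   # "16 or more is better"

# Constructed sample blocklist (assumption). A real login system would load a
# large corpus of breached and commonly used passwords instead.
SAMPLE_BLOCKLIST = frozenset(
    {"password", "12345678", "qwertyuiop", "letmein123", "iloveyou1"}
)


@dataclass
class PasswordVerdict:
    accepted: bool
    reasons: list = field(default_factory=list)  # why it was rejected
    notes: list = field(default_factory=list)    # advice, never a rejection


def normalize(text):
    """NFKC-normalize and case-fold so look-alike spellings compare equal."""
    return unicodedata.normalize("NFKC", text).casefold()


def is_repetitive(pw):
    """True for one character repeated, e.g. 'aaaaaaaa'."""
    return len(pw) > 1 and len(set(pw)) == 1


def is_sequential(pw):
    """True when each character is exactly one code point above or below
    the previous one, e.g. 'abcdefgh' or '87654321'."""
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return steps in ({1}, {-1})


def check_password(candidate, username="", blocklist=SAMPLE_BLOCKLIST):
    """Apply the length and blocklist rules; no digits or symbols are required."""
    pw = normalize(candidate)
    reasons = []
    # Length is counted in code points of what the user typed.
    if len(candidate) < MIN_LENGTH:
        reasons.append("too_short")
    # Compare in normalized form so 'Password' matches 'password'.
    if pw in {normalize(entry) for entry in blocklist}:
        reasons.append("blocklisted")
    if is_repetitive(pw) or is_sequential(pw):
        reasons.append("repetitive_or_sequential")
    # Context-specific check: the account name must not appear in the password.
    user = normalize(username)
    if len(user) >= 3 and user in pw:
        reasons.append("contains_username")
    notes = []
    if not reasons and len(candidate) < RECOMMENDED_LENGTH:
        notes.append("shorter_than_16")
    return PasswordVerdict(accepted=not reasons, reasons=reasons, notes=notes)


if __name__ == "__main__":
    for sample in ("Password", "abcdefgh", "tealeafmug", "plainletterspassphrase"):
        print(sample, check_password(sample))
```

There is no expiry logic here on purpose: under these rules a password changes only when a breach is suspected.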

What You Need to Do to Protect Yourself after the Equifax Breach

You may be one of the 143 million people affected by the Equifax hacking breach that was announced yesterday.

Data stolen may include contact information, dates of birth, driver’s license information, and Social Security numbers. Attackers can make money selling the information to people who could steal your identity and take out loans in your name.

Place a credit freeze on your credit report. To do so, contact all four: Experian, Innovis, TransUnion, and, you guessed it, Equifax. In total, you’ll spend less than $75 to place the freeze.

A credit freeze stops people from gaining access to your credit report. It is difficult for an imposter to borrow money if a lender cannot check a credit report first.

Remember, credit monitoring, though good, sometimes only catches bad things when it is too late.

A security freeze is more effective, and lasts longer, than a fraud alert.

Additionally, watch out for anything odd or abnormal on your bank statements. Download your credit reports every quarter to see what is on them. One way to see your credit reports is to use a service such as annualcreditreport dot com

The FTC gives suggestions about avoiding and handling identity theft at consumer.ftc dot gov/features/feature-0014-identity-theft

Equifax has set up a website equifaxsecurity2017 dot com for people to see if their information was part of the breach. However, many people have been experiencing problems with that website.

Executives – FYI: Reports say that the attack did not result from social engineering. In other words, nobody clicked a bad link in an email. The attackers got in because an Equifax website was insecure. Have you had someone check the security of your website lately? If your site simply displays static information, you are at a much lower risk than if your site has a place for someone to log in and/or look up information via your site.

Reports say that the breach may have happened as early as May, and Equifax discovered the breach on July 29. The time between when attackers compromise a system, and when it is discovered, is called dwell time. The best thing to do is to stop hackers from getting in to begin with. Keep security a top priority at your organization! The attackers are counting on you to overlook important steps.

Please forward this to anyone you care about…


Credit Monitoring is Not Enough – You Must Place Credit Freezes to Protect Yourself

Regarding the Equifax breach, the breach affects about half of America’s population, so take action. Experts agree that one of the best things you can do to protect yourself is to place a credit freeze on your credit reports. Credit monitoring is nice because it can tell you something bad has already happened, but prevention is important too. The FTC provides more info to you about credit freezes and why they help so much: https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs

To save you time, below are shortcuts that worked on Saturday. Freeze all 4; go to all 4 sites:

Experian (888) 397-3742
https://www.experian.com/freeze/center.html

TransUnion LLC – To Freeze: 888-909-8872
https://www.transunion.com/credit-freeze/place-credit-freeze
The page on which to place a traditional credit freeze provided error messages. TransUnion says to use their service called True Identity instead.

Equifax Information Services, LLC 866-349-5191
https://www.freeze.equifax.com
At the end of the process, choose “To view your one time PDF please Click Here” to get your ten digit PIN.

Innovis – To Freeze: 888-567-8688
https://www.innovis.com/personal/securityFreeze

 

Your Software, such as CCleaner, May Have Backdoors

Can you trust programs you download? Millions of users, including outsourced computer firms, use a program called CCleaner on their own and on customers’ computers. CCleaner just announced that some of its software was compromised and has been stealing data from users’ computers.

Every program that you install on your computer is a potential security risk.

CCleaner may be installed on your computers, right now, by well meaning, qualified, IT professionals who care about you and your organization. It is a powerful tool with many beneficial features. Yet it has been hacked.

It will not help you to invest energy being angry at your in-house, or outsourced, IT professionals, or to be angry at the developer of CCleaner. They mean well and are using their skills to protect you and your company. CCleaner has undoubtedly added a great deal of value to the world by speeding up computers and removing malware. At some point, IT professionals have to trust that some programs are secure.

But their trust is exactly what attackers are counting on.

What you, as an executive, must do is ask your IT team for a list of all programs installed on your network. Ask IT to uninstall all programs that you, with their input, decide are not absolutely essential for you to use to serve your employees and customers. Do not burden them with making that decision on their own.

You owe that to your customers who trust you with their information.

You may decide to stick to using programs from well known and vetted companies, although that is no guarantee that the program is safe. Any program that is installed by millions of users becomes a target for attackers to use as a vector into your organization’s computers.

If you use CCleaner, uninstall it. Know that some of your data, perhaps whole computers, have been compromised. You can read their official announcement here: https://forum.piriform.com/index.php?showtopic=48869

Know that uninstalling software does not remove the malicious code embedded in your computer. And don’t count on your anti-virus to find the code. Attackers know how to hide malware from anti-virus programs. The best thing to do would be to rebuild the computers from scratch. Hackers are counting on the fact that your IT Pros do not have time to reload each computer. Ask your IT Pros if they have time. Either free up some of their time so they can perform the reload, or bring in an outsourced company to help, or choose to accept the risk and go on. That’s a decision for the executives to make. Using a technology called VDI makes the reinstallation process much easier.

If you want to continue to use CCleaner, if there is an executive level decision that the risk is worth the benefit, then you can ask IT to re-install the newest version.

Forward this to every executive you know. Tell them about this crisis, and how they must be involved in identifying all non-essential programs, so that IT can uninstall them.

New iPhone and iPad iOS 11 Can Quietly Override Your Attempt to Be Secure

The new Apple iOS 11 has a feature that appears to permit you to turn Wi-Fi on and off from the easy to reach Control Center. However, some people in the security community are concerned since the setting does no such thing.

Your iPhone and iPad will prompt you to upgrade to the new iOS 11 soon. Having the most recent version of iOS is one strategy for being secure. Like Google does with the Android OS, Apple focuses on keeping the newest iOS free from security vulnerabilities.

But, with Apple’s new iOS 11, you need to be aware of a feature that might cause you to believe you are safe from Wi-Fi attacks when you are not.

Mobile devices are vulnerable to Wi-Fi attacks, and people who are serious about the security of their phone or tablet choose to turn off Wi-Fi except when they are at their office, home, or somewhere else they know they want to use Wi-Fi.

In the new iOS, turning off Wi-Fi in the Control Center does not really turn off Wi-Fi. Apple says this is a feature that keeps you from losing connectivity with Wi-Fi devices like an Apple TV or a Pen. But the practice of Apple leaving Wi-Fi on without your knowledge has created some discontent in some of us who want to help you be as secure as you want to be.

If you turn off Wi-Fi in the Control Center, your device will indeed disconnect online connections to Wi-Fi networks, at least temporarily, so it appears to work.

But Apple says that, as soon as the user walks or drives to a new location, the auto-join feature will turn itself back on without notifying or asking the user’s permission. I tried that, turning off Wi-Fi in my Control Center, and then drove a few miles just to see. To my happy surprise, the Wi-Fi did not re-enable. However, a little time later in my office, I noticed that the Wi-Fi had turned itself on again on its own.

Apple also says that auto-join will come on again automatically at 5 am. Sure enough, I turned off Wi-Fi in the Control Center at night, and when I checked the icon in the Control Center at 5:15am, the Wi-Fi was re-enabled.

You can read about this unexpected feature, on Apple’s own website: https://support.apple.com/en-us/HT208086

You will be OK, as long as you know that if you want to turn off Wi-Fi, you have to go to the settings menu and turn Wi-Fi off there.

Please forward this to anyone you know who knows that turning off the Wi-Fi on their phone can increase their safety from attackers. Help them know that the only way to turn off Wi-Fi is to go to settings, not to the easy to reach control center.

 

Do the Basics. Do not Believe that Threat Protection Software Will Save You.

This week, someone told me about a group of CEOs who came to the conclusion that their IT security was handled since they installed an artificial intelligence (AI) based threat protection tool. They didn’t know it, but they were wrong. Having a false sense of security is dangerous and can be devastating to a CEO’s organization, because they may fail to take the important steps to be secure.

Executives are trying to do the best they can, to make good decisions, but they often have bad input.

Some executives learned what they know about IT security from advertisements rather than textbooks, or from advisors who did not know what they were talking about.

For example, reports show that it is probable that the breach at Equifax could have been avoided if executives had ensured that basic step #1 was implemented.

The essential steps are:

  1. Keep current with critical security patches.
  2. Make sure that users have the right amount of privileges to do their jobs.
  3. Only allow good programs to run.

It is human nature to want the easy way out, such as buying the latest threat protection tool and stopping there. Threat protection tools are important to have, but are not enough.

Be smart. Give your IT team time to accomplish the three steps above. Then you can sleep better at night.

Please forward this to every single executive that you know, so they can protect their companies with these three very important basics.

For more details, see:

https://www.fosterinstitute.com/blog/cyber-securitys-three-essential-steps/

https://www.fosterinstitute.com/blog/patching-10-steps-to-seal-the-holes-in-your-armor/

Please Alert Your IT Pros – Increase Your Security Log File Capacity

Windows computers can keep a log of security events, such as failed logon attempts. It is helpful to know if attackers are trying to gain access to your network. When the log fills up, it overwrites the oldest events first. By default, the log files are very small, and that makes it much easier for attackers to cover their tracks.

Almost universally, security log files are too small and have overwritten themselves, making it impractical, and sometimes impossible, to see what security events have been happening on the network for more than a few hours.

Ask your IT Pros to be sure that the security log file size is set to at least 256 Megabytes.

Your IT Pros probably already know all about security logs, and can find out all the details on Microsoft’s site. Someday, as time permits, they may be interested in monitoring more than the default events, and that’s good. Microsoft provides detailed recommendations about events to monitor.

Please forward this to every executive you know so that they can forward it to their IT professionals and outsourced IT companies. Experience has shown that the majority of companies are still configured to use the tiny default size, and attackers love that.
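As an added example (not part of the original newsletter), IT can audit the setting by collecting the output of `wevtutil gl Security` from each machine and flagging every Security log whose maximum size is below the 256 MB floor recommended above. The host names and sample outputs below are constructed, and 256 MB is read as 256 × 1024 × 1024 bytes.

```python
MIB = 1024 * 1024
REQUIRED_MAX_SIZE = 256 * MIB  # the article's floor, read as binary megabytes

# Constructed, abbreviated sample in the layout that `wevtutil gl Security`
# prints on Windows. It is not captured from a real machine.
_TEMPLATE = r"""name: Security
enabled: true
type: Admin
isolation: Custom
logging:
  logFileName: %SystemRoot%\System32\Winevt\Logs\Security.evtx
  retention: {retention}
  autoBackup: {auto_backup}
  maxSize: {max_size}
publishing:
  fileMax: 1
"""

# Hypothetical host names mapped to their (constructed) command output.
SAMPLE_OUTPUTS = {
    "WS-EXAMPLE-01": _TEMPLATE.format(
        retention="false", auto_backup="false", max_size=20971520),
    "WS-EXAMPLE-02": _TEMPLATE.format(
        retention="false", auto_backup="false", max_size=268435456),
    "SRV-EXAMPLE-01": _TEMPLATE.format(
        retention="true", auto_backup="true", max_size=134217728),
}


def parse_wevtutil_gl(text):
    """Turn 'key: value' lines, indented or not, into a flat dict."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition(":")
        if sep and key:
            settings[key.strip()] = value.strip()
    return settings


def audit_security_log(host, text, required=REQUIRED_MAX_SIZE):
    """Report the size and full-log behaviour of one host's Security log."""
    settings = parse_wevtutil_gl(text)
    if settings.get("name", "").lower() != "security" or "maxSize" not in settings:
        raise ValueError(f"{host}: not a Security log configuration")
    max_size = int(settings["maxSize"])  # bytes
    retention = settings.get("retention") == "true"
    auto_backup = settings.get("autoBackup") == "true"
    if not retention:
        mode = "overwrite-oldest"    # old events are lost once the log is full
    elif auto_backup:
        mode = "archive-when-full"   # full log is saved, a new one is started
    else:
        mode = "do-not-overwrite"    # new events are discarded when full
    return {
        "host": host,
        "max_size_mib": max_size // MIB,
        "mode": mode,
        "compliant": max_size >= required,
        "shortfall_mib": max(0, (required - max_size) // MIB),
    }


def undersized_hosts(outputs, required=REQUIRED_MAX_SIZE):
    """Names of hosts whose Security log is smaller than the required size."""
    findings = [audit_security_log(h, t, required) for h, t in outputs.items()]
    return sorted(f["host"] for f in findings if not f["compliant"])


if __name__ == "__main__":
    for name, output in SAMPLE_OUTPUTS.items():
        print(audit_security_log(name, output))
    print("Below 256 MB:", undersized_hosts(SAMPLE_OUTPUTS))
```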

5 Steps to Take Now Even if You do not use Kaspersky Anti-Virus

According to the Wall Street Journal, followed by the Washington Post, Russian hackers used Kaspersky anti-virus to steal NSA cyber defense information off of an employee’s home computer.

Even if you do not use Kaspersky, you still need to take 5 important steps, as described below.

There is no guarantee that other anti-virus software is immune.

What can you do to better protect your and your customers’ sensitive information when you cannot trust other programs like CCleaner, Kaspersky, and who knows what else you will find out is a threat?

First of all, never let employees take sensitive information to their home computers. That’s not a panacea, but according to sources, the attack happened on a worker’s home computer. It is always important to keep sensitive data away from home computers that your IT professionals cannot maintain.

Second, more companies may start to embrace the technology called application whitelisting; it works the opposite of anti-virus tools that look for bad programs. Application whitelisting only lets approved programs run, so all other programs, by default, are not permitted to run. The strategy is that you give a list of approved programs to your computers and those are the only programs permitted to run. Configuring application whitelisting can take time, and it takes time to maintain. It will also involve you meeting with IT to help them know what programs are essential to your organization. Microsoft has a version, called AppLocker, built in for company computers.

Third, limit the number of software vendors you use in your company. Every new company you let in the door is a potential risk. This is an opportunity for Microsoft, Apple, Citrix, VMware, Adobe, and others to really step up their game and offer more complete solutions.

Fourth, companies will just start installing fewer programs to begin with. Make users local standard users so they are unable to install their own programs. Every program, whether intentionally by the manufacturer or not, is a potential foothold for attackers to use to get into your systems. The whole movement for simplicity may overlap into the cyber world too.

Once upon a time, many years ago, I had the opportunity to work in South Africa for several weeks. While in Johannesburg, a taxi driver told me that the company with yellow colored taxis was very successful competing against the company with blue taxis. People chose to ride in yellow taxis more often than blue.

So, in order to increase business, the drivers with blue colored taxis started shooting guns at people riding in the yellow colored taxis. That was an incentive for riders to choose to ride in blue taxis. And it worked. More people chose the blue cab company over the yellow cab company. However, as you can imagine, the strategy was adopted by other taxi drivers too, so it became very dangerous to ride in any colored taxis.

The driver told me that taxi passengers became so fearful for their lives, that they all started taking the train. The trains got very busy. How did some taxi drivers respond? He told me that the taxi drivers, if they were having a slow day, would throw people off trains in order to make people more afraid of riding trains than riding in taxis.

Now, in 2017, according to the news, taxi drivers are attacking Uber drivers for a similar reason.

This isn’t about South Africa. I love the people I met there – they showed extreme kindness, integrity, and hard work – there are people there that epitomize ideal friends, work associates, and customers. I have great feelings just thinking back to the amazing people and the experiences.

How this relates to cyber security is that bad actors use cyber-security tools, and other programs that your organization trusts, to launch attacks. If we allow it to, this can get out of hand. Do you remember the story about the Greeks who built a big horse, loaded their soldiers inside quietly, and managed to get the citizens of the ancient city of Troy to bring the horse into their city walls? According to the story, the trick worked very well and the trusting citizens had a very bad day when the soldiers poured out of the horse and attacked.

If programs were like big wooden horses, most of them would not contain attackers. But the lesson here is that it is difficult to know for sure. It may be best for organizations to be careful to not let so many programs, like horses, enter their gates at all. Trim back the number of programs you have installed at your company.

Fifth, stop storing data on computers and networks if you do not need the data readily accessible. Sure, a lot of your data does need to be instantly accessible. But think about it, strategize about it: is there any data that your team doesn’t use on a regular basis? Store that information offline. You can copy the information back onto your servers when you need it, but it isn’t there all the time. Data that is not stored on servers cannot be stolen from the servers, nor can it be encrypted if ransomware encrypts the files on your servers.

Please forward this to your friends so that they can start protecting their systems with the 5 steps above.

Wireless Security is Broken & What You Need to Do

Many organizations rely on a wireless password to protect their Wi-Fi networks. Behind the scenes, that password is used as part of a security protocol called WPA2. An attack, dubbed KRACK, has been announced that breaks that security.

The attack can permit attackers to potentially eavesdrop on your network traffic and your communications, change information, delete information, and insert information, all to cause problems and cost you money.

The good news is that the attacker needs to be within range of your Wi-Fi network. They could be some distance away if they use a strong antenna or if they plant a remotely controlled device nearby.

Do two things to mitigate this danger:

First: Apply the new patches that address this issue. That can prevent the attack.

Second: Isolate your wireless network from the rest of your network. That can help reduce the damage.

Related to the first step: Apply the most recent critical security patches, often called firmware updates, to your wireless devices. The manufacturers of your devices should release patches. Additionally, apply patches to your operating systems and applications that use Wi-Fi networking.

Microsoft released a patch a few days ago, on October 10, as part of the expected second Tuesday of every month patches, that solves this problem on their side of the products. At home, your automatic update should have patched your Windows workstations. But you will still need to patch your wireless access point. At the office, your IT team will need to patch the computers and devices. Please give them time to do so – it can take some time. Information about the attack in general, and some of the patches, can be found at: kb.cert.org/vuls/id/228519. If the manufacturer of your devices does not produce updates, your next step might be to replace the devices with new ones.

For the second step: It is an IT Security best practice to isolate all wireless devices on your network to be away from the wired devices. For years, organizations would add wireless capabilities to their network by connecting wireless access points to the same network as their workstations and servers. That is a very dangerous practice since it can permit wireless devices, perhaps belonging to an attacker in the van outside your building, to access the wired resources on your network. In the case of this specific attack, it makes it easier for the attacker to access the data on the most protected parts of your organization’s network. Isolate all wireless devices on their own subnet, what your IT professionals call a filtered subnet.

As is often the case with IT Security, this will be a risk vs. expense decision. It is important that the executives of a company make the final decision about whether or not to ask IT to implement the mitigation steps. Your IT Team will appreciate your deciding, and the choice is yours since, if there is a successful cyber-attack, the executives, especially the president, CEO, and owner will suffer the most.

Please forward this to everyone you know who uses wireless networks.


Portable Radios Can Replace Family Phones

This is the time of the year when youngsters remind parents that all of their friends have phones, the latest model is out, and everyone is getting one! Some parents ask if there is an alternative. Yes.

If you want to be able to reach them when they are off playing around the neighborhood, or stay in contact when you all go to holiday festivities, the amusement parks, or about anywhere else, consider the wonderful radios that can be purchased for a fraction of the price of phones.

The FCC set aside frequencies for family radio service (FRS) for free, and for an FCC registration fee, members of the same household can use the more powerful GMRS radios.

Someone loses, or breaks, a radio? Easy to replace. No monthly fees.

We keep several radios right next to the front door. Someone leaves to go play? Grab a radio. The whole family headed for an indoor or outdoor adventure, grab all the radios. The range isn’t unlimited, but we can reach each other easily within a two-mile radius, and usually, since our family travels, and howls, in packs, it is more than enough. Need more range? That’s an option too.

If you want more details, please ask.

A Secret Operating System is Running Inside Your Computers

If this gives you a sinking feeling, it should. What most people don’t know is that, if your computer uses an Intel brand CPU, there is a hidden microprocessor dedicated to running a second operating system called MINIX. And MINIX is running right now.

That’s right. You have a second computer running inside each of your organization’s existing computers. And you probably don’t know it.

An attacker’s dream come true:
- A scarcely known operating system
- Hidden in millions of computers
- Using a secret microprocessor
- With priority over everything else on the computer. Something IT Pros refer to as ring negative three.
- With network access
- Patching security flaws is a nightmare
- And there is no anti-virus

Even if the attackers don’t soon find a quick way to access sensitive information, they might find a way to shut down all of your servers. And keep them shut down.

Intel has great intentions. MINIX is part of Intel’s Management Engine (ME), which has desirable features. MINIX runs alongside, and coexists with, Windows, Linux, or whatever you thought was the only operating system.

The most important thing for you, as an executive, to do is to make sure your IT Team is aware of MINIX. They can read more at www.zdnet.com/article/intel-weve-found-severe-bugs-in-secretive-management-engine-affecting-millions/

The race is on: Attackers are looking for ways to use MINIX to their advantage. Intel, Google, and others are working to find ways to make MINIX more secure.

Forward this message to any organizations that you care about, especially organizations upon which you rely to perform services and provide products to your own organization. If they get shut down, or infiltrated, that will affect you too.

Mac Vulnerability Permits Unauthorized Login

Apple’s newest operating system has a serious vulnerability that can allow someone else to log on to your Mac. Here’s what to do:

First, see if you are vulnerable. Click on the apple symbol on the top left of your screen, then choose About This Mac. If you have macOS High Sierra, you are probably vulnerable. If you have anything else, stop here.

Second, you can protect yourself by making sure nobody other than you can get to your computer. So far, though theoretically possible, the vulnerability has not been exploited remotely unless you have enabled “Share my Screen.” If you feel confident that no bad actors will have access to your computer, you can stop here.

Third, reset the root password. Apple provides the 8 necessary steps at support.apple.com/en-us/HT204012. Scroll down to the section entitled: Change the Root Password. In their step 7, if the option Edit > Change Root Password is grayed out on your Mac, then instead click the option Edit > Enable Root User and continue with step 8.

Please forward this to everyone you care about that has a Mac.

One Setting Can Protect Your Network from Ransomware

Once an attacker accesses one computer, they attempt to traverse the network and infect other computers too. That’s how ransomware spreads on a network.

By default, all of your computers permit communication between each other, and attackers use those same communication channels to spread attacks from one machine to the next.

The solution is so basic that it is often overlooked: Computers do not need to talk to each other anyway, just to servers. Block the communication between workstations, and you take away a major vector used by ransomware to spread.

Ask your IT team to use local firewall settings on each computer to prohibit communication between workstations. They can make the setting once, and your servers will propagate that message to the other computers on the network. Give them a little time to complete this, because they will want to test their settings.

Please forward this message to help make the world a safer place. And remember, the more secure your service providers are, the more secure you are too.

About Half of All Breaches are Caused by a Contractor or Service Provider

In our experience of auditing after breaches have happened, about half were caused by a service provider working for the company that gets breached.

Almost always, the vendor or contractor had no malicious intent. Their organization’s own IT systems were not secure, and/or their team members performed actions in a non-secure way.

Be sure the service providers you use are working every day to be more secure too. Ask them about their security awareness training program. Ask them how often they are audited by independent third party firms that are interested in helping them increase their own security. If you want to, encourage them to sign up for our newsletter.

Remember, your IT security relies on their IT security too.
