About tlgadmin

This author has not yet filled in any details.
So far tlgadmin has created 185 blog entries.

An experienced cyber insurance broker’s reply to my blog

This reply to my blog, Should I buy cyber insurance? is written by David McNeil, principal, of EPIC Insurance Brokers & Agents. He brings 20+ years of professional industry experience to the topic on cyber insurance. Some of Alvaka Networks' clients have been utilizing Dave's services for many years.

---------------------------------------------------------------------------------------------

Hi Oli,

Always enjoy your insights and thoughts on Tech-related subjects.   Lately, the plethora of headlines regarding cyber-related issues has meant the interest in cyber-insurance has reached a new level. This is a huge topic and this comment can only scratch the surface.

That said, a bit of an insider-view may be helpful…

Currently, cyber-insurance coverage forms are NOT standard (ISO) forms.  As a result, insurance carriers forms differ greatly.  Many parts, definitions, limits and coverage triggers are negotiable.

Definition negotiations are critical.  It is important to know what to look for and how to modify a particular carriers form to best suit the needs of a specific client/insured.

EXAMPLE:  Trigger for Notification of a Breach - (A hypothetical…. Sort of)....

An experienced cyber insurance broker’s reply to my blog2018-08-09T11:15:46-07:00

The coming of the Strategic Service Provider

Orange County, CA - Robert Faletra, CEO of The Channel Company, which publishes CRN, said the evolution toward the Strategic Service Provider model marks the fourth major shift in channel nomenclature since the publication's founding in 1982. When the channel was born its constituents were known as Resellers, a business model CRN declared essentially dead in 1990 in favor of VARs (value-added resellers). VARs evolved into Solution Providers, a term that incorporates both Managed Service Providers (MSPs) and Cloud Service Providers (CSPs). And now CRN heralds the dawn of the Strategic Service Provider era.”

That is what Steven Burke wrote recently in a story titled, The New Channel Model: Rise Of The Strategic Service Provider.

What is the “channel” and who is CRN? The channel is a term coined long ago by the folks at computer industry publication CRN back in the early 1980s when they were known as Computer Reseller News. The channel, as it is known, is the group of players that brings to you, the end-user, all the PCs, servers, monitors, Microsoft Windows, Adobe products, network cables, printers, scanners, et al that you buy constantly. The channel is your computer dealer and the...

The coming of the Strategic Service Provider2016-06-15T23:27:37-07:00

LinkedIn data breach, if you are a user take two minutes to read this

If you use LinkedIn take two minutes to read their posting Notice of Data Breach You may have heard reports recently about a security issue involving LinkedIn. We would like to make sure you have the facts about what happened, [...]

LinkedIn data breach, if you are a user take two minutes to read this2017-06-27T15:55:10-07:00

Ransomware and Phishing Awareness Training for your end-users

If you don’t treat network security as important, don’t expect your users to treat security as important. Irvine, CA - Ransomware and phishing threats are the most prevalent cyber-risk problem facing your organization today. Securing your system is a layered [...]

Ransomware and Phishing Awareness Training for your end-users2019-09-08T21:59:01-07:00

CryptXXX is ransomware that also steals your passwords and your Bitcoins

Most of my recent blogs are about ransomware. That is because ransomware is the most prevalent cyber threat today facing individuals, small and large businesses, governments and not-for-profits. No one is safe from this scourge.

Today I must tell you about a new one. Like Jigsaw, this new one called CryptXXX, is a game changer. Jigsaw was different from prior strains in that it immediately starts to delete your files just to show you that it means business. CryptXXX is different in that it introduces two new problems other than encrypting all your files and then demanding payment. Up until now ransomware has not actually breached your system and exfiltrated data. Sure you had a security incident, but it was not identified as a breach in the classic sense. Now with CryptXXX not only is your data held hostage, but now the culprits steal two new things from you. CryptXXX steals login names and passwords which puts all your systems, local and in the cloud, and any websites you frequent at risk. CryptXXX also steals your Bitcoins if you have any. The stealing of the Bitcoins is a particular insult because....

CryptXXX is ransomware that also steals your passwords and your Bitcoins2024-04-21T19:40:11-07:00

What the heck *&#@ did you say about custom software development?

Here is a guest article from Tim Martin of Action Point (www.action-point.com ). I asked for permission to run his blog because it is a very important message. The only thing missing is his unique Irish accent. Tim writes:

What the *&#@ did you just say?

This was the reaction I got from a potential client after our initial meeting to discuss their need for a customized software.  Two days later we signed a contract and they have become one of our most valued clients.

 

It’s about time for a little straight talk around here…

As the head of business development in the US for Action Point I’ve never been accused of being indirect or subtle. In the technology industry in general but especially when dealing with custom software companies, straight talk is a rare commodity. So what did I say to the client?...

What the heck *&#@ did you say about custom software development?2016-03-28T15:00:00-07:00

What is it like to upgrade to Windows 10?

I finally got around to upgrading my Lenovo notebook from Windows 8.1 to Windows 10. I can tell you in short it was a relatively fast and easy upgrade. My Lenovo is fairly quick and I have all solid state drive storage so that probably helped make things go fast.

Here is how my upgrade went:

  • I did the pre-download option of Windows 10 so all the files were already on my system when I started the upgrade.
  • Once launched the Lenovo ran for about five minutes with a green screen of...
What is it like to upgrade to Windows 10?2019-05-14T07:29:29-07:00

What is Phishing, aka Social Engineering, and How Do I Avoid It?

I recently warned of a very large recent upsurge in ransomware.  Now I must warn you to beware of new successful social engineering exploits.  What is social engineering?

Wikipedia has a good definition:

Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.

In other words, phishing, the internet term for social engineering scams is simply a way to trick you into doing something so that you reveal vital information like bank account info, tax return info or send money unwittingly to a devious person.

Let me tell you about social engineering exploits in three recent real world examples.  In the first case, City of Hope in Duarte, CA (City of Hope employees fall victim to phishing attack) had three employees targeted by a phishing scam. They unwittingly revealed protected health information (PHI) which by law must be kept confidential. In the other two cases, the loss of data was much more vast. Both Seagate Technologies (Seagate Phish Exposes All Employee W-2’s) and Snapchat (Snapchat falls hook, line & sinker in phishing attack: Employee data leaked after CEO email scam) had an employee get tricked into providing W2 information on all past and current...

What is Phishing, aka Social Engineering, and How Do I Avoid It?2017-09-18T00:27:31-07:00