Things to do at RSA 2020 

This year’s RSA Conference is sure to be chockfull of exciting innovations, new technology, and swag galore. As much as we love the excitement of being on the expo floor, it’s always a good idea to take time to explore the conference, meet new people, and unwind with a few good colleagues or newfound friendsThis list of networking gatherings and affiliate events will help you make the most out of your RSA experience! 

 

Events through RSA: 

  • 2/25 6:00 pm to 8:00 pmCyBeer Ops Networking Reception – Craft beer tasting event that doubles as a great networking opportunity.
     
  • 2/27 6:00 pm to 9:00 pm: RSAC After Hours – Enjoy food, drinks, and dancing to a live 80’s cover band.
     
  • 2/25 5:00 pm to 7:00 pm: RSAC Women’s Networking Reception – Relaxed networking event celebrating women’s contributions to science and technology.
     
  • 2/24 5:00 pm to 7:00 pm: Welcome Reception – Kick off the conference with drinks and apps while previewing cyber solutions from over 700 exhibitors.
     
  • Multiple dates and times, registration required: RSAC Engagement Zone – Engage, network, and make personal connections with others who share your interests through Braindate, Birds of a Feather, Cooperative Learning roundtables, and more.
     
  • Multiple dates and times: RSAC Sandbox – Show off your cyber skills through hands-on experiences and mingle with peers at this engaging event.
     
  • 2/26 4:30 pm to 6:00 pm: Expo Pub Crawl – Enjoy complimentary beer, wine, and non-alcoholic beverages while visiting sponsor’s booths and learning about their latest innovations to support your business. 

 

Affiliate events: 

  • 2/24 7:00 pm to 10:00 pm: CYBERTACOS at RSAC – Talk over tacos with members of the local cybersecurity and broader IT community.
     
  • 2/24 7:00pm to 10:00 pm: Ignite – With live music, snacks, cocktails, and dancing, this is THE place to be Monday night.
     
  • 2/25 5:00 pm to 9:00 pmOptiv After Party – Thirsty Bear Organic Brewing Company will have great beer on tap while you network the night away. 
  • 2/25 6:00 pm, registration requiredVMware Carbon Black Networking Reception – This exclusive happy hour at the W San Francisco is sure to be the event you need to kick off your RSA experience just right. Register now as space is limited.
     
  • 2/25 6:00 pm to 9:00 pm: Non-Profits on the Loose – Meet and mingle with industry, policy, and government leaders in security and privacy at this soirée.
     
  • 2/26 11:30 am to 1:00 pm: Meet & Greet at RSA Conference 2020  Join the Executive Women’s Forum and meet the most amazing women at the RSA Conference.
     
  • 2/26 5:30 pm to 8:30 pmICMP Networking Social RSA 2020  – Network with members, friends, and guests of the International Consortium of Minority Cybersecurity Professionals.
     
  • 2/26 6:30 pm to 9:30 pmArctic Wolf Happy Hour – Sips and savors at TRES Tequila Lounge and Mexican Kitchen is the perfect mid-week way to unwind.
     

Stay up to date on any additional affiliate events as they get added by checking out this calendar provided by the conference, and be sure to swing by our booth #6480 to see what we’ve been working on and add to your swag collection

To get a sneak peek at our latest cyber training platform, inCyt and be sure to register for our webinar, inCyt: Inside the Human Element of Cyber. We can’t wait to see you at the conference and have some fun! 

Operation Gratitude: 5 Reasons to Give Thanks for Cyber Security

With daily breaches impacting business operations and security, it’s easy to forget about the good ways that cyber security keeps us safe behind the scenes. This holiday season, we’re giving thanks to cyber security and all that it does to make our lives easier and more secure with what we’re calling Operation Gratitude (inspired by our Project Ares missions, uniquely titled “Operation Goatherd” or “Operation Desert Whale”). #OperationGratitude is a rally cry for security professionals and business leaders to remember the positive aspects of cyber security and share those positive thoughts with each other. Too often we live in fear from cyber attacks and persistent threats, and while, there is always cause for concern, we must remember how advances in the field have equally made aspects of our digital life easier. We’re thankful for these advances in cyber security:

  1. Two-factor authentication – This tool helps to keep you secure by requiring two different credentials before allowing you to gain access to sensitive information online. One example of this would be when you log in to check your bank statements and it prompts you to not only enter your username and password, but also to check your phone and enter a verification code that was texted to you. You will normally see this security precaution used when logging into an account from a new device. The great part about it is, it’s widely known and used by everyone from CISOs to high school kids.
  2. HTTP(S) – You’ve likely seen this appear when visiting a URL online, usually showing up just before the “www” and website name. Http means HyperText Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web, which defines how messages are formatted and transmitted, and what actions web servers and browsers should take in response to various commands. The “S” is for security, and this little letter means that all communication between your browser and your website is encrypted for your protection. This means that sites utilizing https are prioritizing your safety while performing sensitive transactions online!
  3. Personal digital responsibility – These days the average consumer is more connected than ever. With our lives relying on smartphones, computers, tablets, and a multitude of IoT devices, we are entrenched in cyber every single day. This reliance requires us to practice personal digital responsibility, or often called digital citizenship—that is, the ability to participate safely, intelligently, productively, and responsibly in the digital world. Just because we are more connected does not necessarily mean that we are more aware of cyber risks, however, initiatives such as Cyber Security Awareness Month (in October) are helping to increase awareness by promoting cyber citizenship and education. Circadence is proud to contribute to the security awareness and digital responsibility effort with the soon-to-be-available inCyt, a security awareness game of strategy that helps bring cyber safe practices into the workplace and cultivates good cyber hygiene for all (and you don’t have to be a technical expert to use it).
  4. Corporate security awareness trainings – Given that 25% of all data breaches in the U.S in 2018 were due to carelessness or user error, it is critical for companies of all sizes to engage their employees in persistent cyber training. Thank goodness there is an increase in organizations such as the National Cyber Security Alliance (NCSA) that provide risk assessments and security training to organizations across the U.S.
  5. Increased security collaboration – With more than 4,000 ransomware attacks alone occurring daily, no one business can mitigate the increasing amount of cyber risks present in today’s threatscape. It is more important than ever for businesses to share knowledge from breaches they have experienced and stand together to fight cyber crime, which is exactly what they’re doing! Nowadays these partnerships are being formed not only to share information, but to conduct live fire cyber readiness exercises. One such initiative is DHS’s National Cybersecurity and Communications Integration Center(NCCIC) – a 24/7 cyber situational awareness, management and response center serving as a national nexus of cyber and communications integration for the federal government, intelligence community, and law enforcement. The NCCIC also shares information among public and private sector partners to build awareness of vulnerabilities, incidents, and mitigations.

So, as you prepare your Thanksgiving meal from recipes pulled up on your tablet, with holiday music playing from your smart phone, and timers set by Alexa to ensure the juiciest turkey and tastiest pies, remember to give thanks for cyber security. We certainly are!

 

Photo by Simon Maage on Unsplash
Photo by Pro Church Media on Unsplash

Cyber Security and the Baby Boomer, Gen X Populations

We all have someone in our lives who isn’t tech-savvy They don’t know how to convert a word doc into a PDF, or they try to do a Google search on Facebook, or they seem to struggle with the ‘simple’ act of text messagingThese are not uncommon missteps when using smart devices for people who didn’t grow up with Siri ® (let alone the Internet!) at their fingertips. While these mistakes seem harmless or even comical at times, there can be much more serious cyber security consequences.  

Baby Boomer and Generation X populations (born 1946-64 and 1965-76) are a growing target for scammers because they are a largely trustworthy population made up of financially successful people. And some of the oldest may have cognition and memory ailments. The American Journal of Public Health estimates that about 5of the Baby Boomer population, (about 2 to 3 million people)experience from some sort of scam every year. The Federal Bureau of Investigation cites that older adults lose more than 3 billion dollars a year to financial scams. 

Some of the most common forms of cyber threats that vulnerable Baby Boomers can fall victim to are impersonation scams, or fraud. This is a kind of deception involving trickery and deceit that leads unsuspecting victims to give money, property, or personal information in exchange for something they perceive as valuable or worth protecting. According to Scam Watch, in 2019 so far 10,297 scams have been reported in the 55-64 age range, and 13,323 scams have been reported in those 65 and older.  

Here are some of the top types of scams used against this population: 

  • Medicare, health insurance, and pharmacy scams in which perpetrators may pose as a Medicare representative or provide bogus healthcare services for patients in order to gain access to their personal information. They may also be persuaded to buy unsafe or fake prescription medication that may harm their health. 
  • Sweepstakes and lottery fraud occur when an advertisement pops up saying you’re the lucky winner in a random website sweepstakes. This is a ploy to get people to enter their personal information, including address and credit card number in order to “claim a prize” or win money.
  • Sweetheart scams seem unusually cruel. With a majority of the Baby Boomer population dealing with the death of a loved one or children leaving home, maybe living alone for the first time, loneliness can creep in. Scammers in these scenarios pretend to be a love interest of the victim and eventually ask for money to help support them. 

The good news is that we can help the most vulnerable in this population avoid falling victim to a scamWe can have conversations to stimulate awareness of online and phone safety practices, make frequent visits and facilitate discussions about monthly bills and medications, and destigmatizing fear or embarrassment to come forward if they find they have been taken advantage of (waiting to rectify the situation could only make things worse). You can report scams to a number of organizations, including the FBI, Social Security Administration, Federal Trade Commission, or your bank or retirement facility. 

 Don’t wait until it’s too late, have important conversations with loved ones of all ages and ensure they feel empowered to make smart decisions online. 

Photo by Kaitlyn Baker on Unsplash https://unsplash.com/@kaitlynbaker?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText 

Top 10 Cyber Myths

The top cyber security myths CISOs and security professionals fall victim to. Empower yourself with persistent training and skill building instead.

The Internet of Things Ushers in a New Wave of Cybersecurity Needs

The internet has changed rapidly since its inception in 1983. The way we communicate, consume news and media, shop, and collect data are just a few examples of the way the internet has changed the world. A term you may have heard crop up in recent years is IoT, or The Internet of Things. IoT is about extending the purpose of the internet from use in day to day devices like smartphones and computers to use as a host of connected “things.”

So why would we want to do that? When something is connected to the internet and able to send and receive information, it makes the device smart. The more smart devices we have, the more connected and controllable our environment will become. IoT provides important insights to businesses and people that allow them to be more connected to the world and to do more meaningful, high-level work.

While the Internet of Things holds incredible potential for the world, it also means opening up more avenues of vulnerability for hackers to tap into our infrastructure, our homes, and our businesses. On a large scale, the development of “smart cities” are cropping up, promising better usage of resources and more insights from data among other things. On the other hand, this could allow hackers higher access to critical infrastructure leading to potentially crippling instances of national and industrial espionage. On a smaller scale, things like parking meters can be hacked in order to cheat the system for free parking.

The rise in IoT security must match the explosive growth rates for these devices, which means that a new era of cybersecurity is being ushered in. Nearly half of U.S. companies using an IoT network have been hit by a recent security breach, and spending on IoT security will reach more than $6 billion globally by the year 2023.

Where does this leave us in a world with a seemingly bright technological future that holds such dark potential? As IoT continues to grow and evolve, it’s hard to say what specifics need to be put in place in order to keep it secure. However, there are some good general practices that can mitigate your personal and professional risk of being a victim of a breach.

  • Be aware when it comes to downloading apps. Always read the privacy policy of any apps you’re thinking of downloading to see how they plan to use your information and more.
  • Do your research before you buy. Smart devices collect a lot of personal data. Understand what’s being collected, how it’s being stored and protected, and the manufacturer’s policies regarding data breaches.
  • It seems obvious, but use strong and unique passwords for your device accounts, Wi-Fi networks, and connected devices (and update them often).
  • Use caution when utilizing social sharing features that can expose your location information and could let people know when you’re not at home. This can lead to cyberstalking and other real-world dangers.
  • Install reputable security software on your devices and use a VPN to secure data transmitted on your home or public Wi-Fi.

All these tips are focused on educating yourself as a responsible user of the internet and sharer of all things personal and professional. To protect yourself (and others around you), keep learning safer internet and cybersecurity practices. Cyber is always changing, just like the internet, and if we overlook a privacy policy or share a little “too much” on social media, we place ourselves at risk of exploitation and danger. It is up to us, the individuals who use this technology day in and day out, to create safer spaces online to communicate and continue to enjoy the internet in all its glory.

Eventually, there is hope that the IoT industry is able to revolutionize cybersecurity for itself, as compliance and regulation never seem to catch up to the pace required by cyber defense technologies. Since this is still such a new industry and constantly evolving, utilizing the aforementioned tips and tricks will help you stay safe while IoT security gets its footing. There is a lot to look forward to as IoT continues to revolutionize the way the world works, it’s just a matter of time before cyber teams are ready to take on this new wave of security needs.

Photo by Domenico Loia on Unsplash

A Rising Tide Lifts all Boats: Celebrating National Cybersecurity Awareness Month

National Cybersecurity Awareness Month (NCAM) in October reminds us of the importance of being safer online, in both our professional and personal lives. Easier said than done, eh? Who’s to say the majority of us even know what makes us “safer” online, or for that matter what makes us vulnerable or should raise a red flag?

It all starts with awareness. I’d like to suggest that “IT Literacy” is no longer enough. Now, in 2018 and beyond, “Cyber Literacy” needs to be a year-round, all-encompassing movement. And regardless of whether or not “Cyber-” or “IT-”anything is or will be in your title, cybersecurity must matter to you.

During a recent workshop presentation I delivered to attendees at the Florida CyberCon 2018 in Tampa, I likened our cybersecurity practices to the idea of personal hygiene. Because let’s face it, one’s personal hygiene is something that,
a.) you are personally aware of and educated on how to maintain
b.) is attended to routinely
c.) is well understood in terms its impact on your overall health
d.) has a relative impact on everyone around you regardless of direct contact

Cybersecurity can be thought of much in the same way. We must all begin to realize that cybersecurity demands the same kind of personal awareness and attention – it not only impacts us as individuals but also our family, colleagues, department, agency, company.

I believe that part of the disconnect around cybersecurity best practices comes from the assumptions we make as consumers in general – that what we’re buying is designed and sold with our best interests, and security, in mind. For example, you buy a new car and it comes equipped with seatbelts, turn signals, airbags, automatic brakes and locks, etc. The food you buy and eat is certified by the Food & Drug Administration to indicate it has been safely grown/ raised and suitable for human consumption. When making technology purchases, we cannot take these same conveniences for granted.

Now, that’s not to say that all technology is inherently unsafe, but my point is, we can’t settle with pre-installed safety protocols because, as we know, technology is ever evolving and failure to frequently update it and use it safely results in vulnerabilities that hackers will exploit for financial, reputational, or economic gain. Just like with personal hygiene, healthy practices and regular routines are necessary for optimal cyber literacy and performance.

The goal behind NCAM is to encourage us take some time to understand the problems resulting from poor cybersecurity practices. Those behaviors will not start to diminish until school counselors, parents, teachers, administrative assistants, nurses, athletes, and everyone become more aware of their cyber posture. There’s a reason why the laptop or PC you’re reading this on asks you to update its internet browser and operating system. And those push notifications you get on your phone to update your apps aren’t coming through to annoy you and eat up your battery and data. These simple practices and others — like resetting passwords and activating double-verification – will improve your cyber hygiene and protect you against ongoing threats to infiltrate the devices and exploit the data of our everyday lives.

So, did you shower today?
Did you check your computer updates today?

Ready to learn more? Checkout our new short, fun education videos on the “Cybersecurity Whiteboards” video playlist, here: https://www.youtube.com/playlist?list=PLUdKZUJquY1hn2EwlBJ90MyunBYcAaXRk.

As National Cybersecurity Awareness Month comes to a close, it’s important that the efforts put forth do not end. The reality is this: as the cost of compute power continues to be driven down by advancements in manufacturing and technology, the resources used by malicious hackers become more accessible. This, combined with the fact that a successful cyber breach gets more and more newsworthy and profitable by the day, means the problem isn’t going anywhere anytime soon. When we take steps together to be stronger individually, we become stronger collectively. We can prove the saying, “A rising tide lifts all boats.” Together, we can lift the intellectual property, national security and private data “boats” if we all commit to be more cyber conscientious and cautious.