Sullivan Wright Technologies

In our continued effort to educate and help business owners succeed, we recently brought up some cybersecurity red flags in AMP that you may want to consider. These red flags are programmatic, not technical. Be smart in building your cyber risk management program and don't waste money or time. Take a read and let us know what you think.

We continue to educate the state on the best way to manage risk in business. A smarter business is a more secure business.

If you've had our cybersecurity awareness training in your business, you know we try to throw a little humor into it. Without humor after all, what is life? We've found that people are more receptive to the message if they get a laugh out of it. This is one reason we still do hand-crafted and in-person training, even though it's not scalable. Cybersecurity is serious business, but making it fun may be the thing that gets your team past the drudgery and into positive action.

Thinking you are safe because you are small or don't deal in very much sensitive information? I'm sure Internet Archive thought that, too. Hackers breached them and got users' login accounts. No credit cards, no bank accounts, no health records, no PII, nothing of real significance. ...but they still breached this non-profit. If they'll target a beloved site that truly had no enemies, don't you think you'd be a target too?

NIST's efforts to update password requirements continue. They've been talking this up for a few years but it's finally in print. Don't expect things to change overnight, though. It takes time to update these complex systems. Also, there some die hard compliance bean counters out there who will "cold dead hands" this one. Sometimes it's hard to give up those easy controls for ones where you have to think.

Our October newsletter is out. In it we talk about a scary new "prove your are human" attack and combating election disinformation at your level. https://lnkd.in/gx--6P-t

We had a similar issue here in Arkansas a few years ago. The state government wisely decided to back down after some indirect advice from industry professionals. This is yet another example of elected officials acting in poor judgement. It's very important for our governments to be appropriately open and honest in these matters lest they lose both the battle against the cyber attackers and the trust of their constituents.

Everyone knows Captcha, the mostly pointless attempt to prevent bots from brute forcing our logins. Well, attackers are using this trust of captcha to hack you. The Windows-R key allows you to run commands directly on your computer. You should never do that unless you absolutely know what you are doing. You certainly shouldn't trust anything that was blindly copied from the internet. Think before you click!

We've all heard the news about Russian disinformation related to the upcoming election. That may seem obscure and distant (although it's really not), you should also watch for direct threat this election season. There is always someone out there to defraud you. Watch out for election themed scams asking for money or account credentials!

Our September newsletter is out now. We discuss the benefits of cyber insurance, the need to dig deeper into cyber news stories, and some other tidbits.