cyber hygiene

Kick off the new year with us as we launch our 'New Year, New You' campaign, tailored to infuse cyber safety into your daily habits.

We're excited to share our lineup of engaging activities to bolster the Yale community's cybersecurity awareness. We've got your back from the highly anticipated 21-day Cyber Habit Challenge to our practical workshops and self-paced activities.

We've also drawn inspiration from two bestselling books about habits -  BJ Fogg's "Tiny Habits" and James Clear's "Atomic Habits". Our goal is to help you build and maintain cyber-safe practices both at Yale and in your personal life. Listen in as we unravel the struggles of sticking to New Year's resolutions - usually too lofty and unrealistic -  and the nuances of realistic habit formation.

As your Bee Cyber Fit podcast hosts, we bring our personal stories to the table, discussing how even simple tools like a timed water bottle or calendar reminders can become powerful prompts in habit building.

We also touch upon the crucial topic of ransomware, breaking down its mechanics, and the peril of succumbing to cybercriminals' demands. Tune in for actionable steps to keep your digital life secure, including the importance of backups, system updates, and the power of cautious clicking.

Our conversation wraps up with a reflection on how anchoring new cybersecurity habits to existing routines can lead to a more secure and fulfilling year ahead. Join us for this informative session that promises to enlighten and empower you in the cyber realm.

********
Calls to Action:

Ready to join us and build your cyber muscles? 

Here are three simple actions you can take:

1. Sign up for the 21-Day Cyber Habit Challenge. It starts February 1 but the Yale community can register at any time during the month.
2. Weigh in with your feedback - complete our annual cybersecurity awareness survey. Your opinion matters and your insights will help shape our cybersecurity awareness program in 2024 and beyond.
3. Compete in our cybersecurity awareness trivia challenge. 

Learn more about Yale Cybersecurity Awareness at cybersecurity.yale.edu/awareness

Never miss an episode! Sign up to receive Bee Cyber Fit podcast alerts.

Our guest today is Rita Gurevich, the CEO and Founder of SPHERE, an identity hygiene platform. Gurevich joins host David Puner to explore the challenges and dynamics surrounding identity and cyber hygiene in today's cybersecurity landscape. The conversation begins by addressing the accelerated pace at which cyber controls and identity hygiene requirements are evolving, emphasizing the critical role they play in cybersecurity strategies. The discussion extends to the impact of cloud and hybrid environments, the nuances of cyber insurance trends – and the challenges presented by mergers and acquisitions in relation to identity hygiene. Gurevich highlights the growing importance of considering both cloud and on-prem systems with equal rigor, emphasizing the need for comprehensive cybersecurity measures to combat threats and risks. 

The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data.

The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations.

The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles.

The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information— a far cry from the basic expectations of privacy.

As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers.

The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.

Guests:

Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]

On Linkedin | https://www.linkedin.com/in/drchristopherpierson/

On Twitter | https://twitter.com/drchrispierson

Ingrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]

On LinkedIn | https://www.linkedin.com/in/ingridgliottone/

Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data.

The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations.

The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles.

The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information— a far cry from the basic expectations of privacy.

As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers.

The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.

Guests:

Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]

On Linkedin | https://www.linkedin.com/in/drchristopherpierson/

On Twitter | https://twitter.com/drchrispierson

Ingrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]

On LinkedIn | https://www.linkedin.com/in/ingridgliottone/

Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data.

The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations.

The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles.

The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information— a far cry from the basic expectations of privacy.

As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers.

The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.

Guests:

Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]

On Linkedin | https://www.linkedin.com/in/drchristopherpierson/

On Twitter | https://twitter.com/drchrispierson

Ingrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]

On LinkedIn | https://www.linkedin.com/in/ingridgliottone/

Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

In this episode of eXploring cybersecurity we discuss the new SEC regulations around incident reporting for public companies, risk quantification vs risk qualification, and the importance of basic cyber hygiene. Host and ThreatX Field CISO, Jeremy Ventura will be joined by Head of Cyber Risk Engineering at Bowhead Specialty Underwriters, Edwin Covert.

Key Topics:

• New SEC Regulations on Incident Reporting: Delve into the latest SEC regulations that dictate how public companies should report cybersecurity incidents, exploring their implications and potential impact on the business landscape.
• Impact on CISOs and Boards: Explore the changing roles and responsibilities of Chief Information Security Officers (CISOs) and company boards in light of the new SEC plan, highlighting the challenges and opportunities they face in safeguarding corporate data.
• Preparedness of Organizations: Assess whether organizations are adequately prepared to meet the requirements of the new SEC regulations, discussing the measures and strategies they should implement to enhance their cybersecurity posture and incident response capabilities.
• Sustaining Cyber Hygiene and Fundamentals: Emphasize the importance of maintaining strong cybersecurity hygiene and foundational practices within organizations.
• Risk Qualification vs. Risk Quantification: Clarify the distinction between risk qualification and risk quantification in the context of cybersecurity, offering insights into how organizations can effectively assess and communicate cybersecurity risks to make informed decisions.

In this episode I talk with Alex Ruiz about 3GO's amazing services that provide high quality cyber security services for the every day person. I highly recommend everyone go check out this company and their services. As always if you enjoy this podcast please go leave a review of the show and share the podcast with someone. Thanks everyone!

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast

Alex's Social Media:
https://www.linkedin.com/in/alexbruiz/
https://3go.com/

Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

This week’s episode of the Fearless Mindset Podcast features Stefanie Drysdale, Vice President of Prescient. Staying safe online is a matter of personal responsibility and digital savvy.

Stefanie shares her insights on how you can stay safe and some best practices that you can follow. She also shares how women can take the reins in their careers and the best ways to position in this rapidly changing digital world to set up for success both personally and professionally.   

HIGHLIGHTS

• Stefanie's meteoric career growth and using intuition
• Cyber hygiene: Staying safe online and in crypto
• The great resignation and how companies thrive today
• Online dating safety tips

QUOTES

Stefanie: "Stefanie: "You are leaving the keys in your car, you are making things very simple by using the same password on all of your websites. And they have tools to help. So if you have a password manager, then that'll help you keep track of everything, even though I know it's not super convenient, but I promise you a breach isn't convenient."

Stefanie: "There are other companies that are ahead of the pack when it comes to diversity, equity, and inclusion, social issues, remote flexibility, being more tapped into the human element of things, whether they're more progressive or their numbers align more with how the rest of the world wants it to look."

Find more about Stefanie by checking out the link below:

Linkedin - https://www.linkedin.com/in/stefaniedrysdale/

To hear more episodes of The Fearless Mindset podcast, you can go to

 https://the-fearless-mindset.simplecast.com/

 or listen to major podcasting platforms such as Apple, Google, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

This is part two of a two-part special edition that was recorded at the 2019 Cyber Florida Conference. In the first part, a panel of cybersecurity experts discussed “Cybersecurity and the C-Suite,” while the second part discusses partnerships and opportunities that bridge the gap for qualified cybersecurity personnel and our interconnected cyber ecosystem. The panel was moderated by Sprint’s Chief Information Security Officer Mark Clancy. On the panel sat three cybersecurity professionals who have years of expertise: Diane Janosek, Commandant of NSA's National Cryptologic School; Andy Zolper, SVP, CISO, and Head of Technology at Raymond James Financial; and Terry Roberts, CEO and Founder of WhiteHawk, Inc. (To learn more about Janosek, Zolper, and Roberts, listen to the The No Password Required Podcast episode titled “Cybersecurity in the C-Suite.”)

This No Password Required episode began with the question, “What can the big guy do to help the small guy?” and panelists discussed the role of large corporations and technology service providers. Often small-to-mid-sized organizations are understaffed when it comes to their IT department and/or they are solely reliant on external providers for their security. Many larger organizations and service providers are making the investment to provide advanced security protocols because it impacts their products and, for some, it gives them a competitive edge in the marketplace. Larger corporations and service providers are carrying the responsibility of protecting smaller organizations, but it is a symbiotic relationship. Smaller organizations must do their part to have good cyber hygiene and understand their risks and their roles in preventing those risks.

Motivating smaller organizations to have a proactive cyber culture is often dependent on two things: communication and risk. A panelist emphasizes that the success of motivation revolves around language. The key to communicating with C-level executives and business stakeholders is to provide information as it relates to them, using their industry-specific lingo, demonstrating their profit and loss potentials, and illustrating how it impacts their community. By answering “how can we partner in a way that shows that we want to mitigate risks to a point that we’re a stronger business partner” can solve some of the gaps in cybersecurity. “Don’t wait for someone to offer, ask,” is the advice of Andy Zolper when it comes to mitigating risks.

Mark Clancy asked the panel, “How do you cyberize the CEO?” Cyberizing the CEO often begins with a review of their cybersecurity risk profile. By mapping risks to reputation and quantifying revenue to business impact can be the necessary wake-up call. “Cyberizing” was a phrase coined in part 1 of this series that is interpreted as educating/training C-level professionals to understand their company’s tech, their role in cybersecurity and operations, and their leadership in corporate cyber culture. “Cyberizing” encourages insight that helps build an adequate IT team or relationship with technology service providers. Cyberizing naturally encourages investing in employees as the greatest assets. It holds the belief that employees are responsible for maintaining good cyber hygiene, managing customer and partner relationships, and evolving with technology.

Another solution offered is “cyberizing the principal.” This involves instilling the value of cybersecurity as soon as a child is handed technology. One panelist advocates for developing educational programs that incorporate cybersecurity in programs from elementary to college, with her belief that it will carryover good cyber hygiene from the home to the public and business sectors.

Another component of closing the cybersecurity personnel gap is by encouraging information sharing in new ways, as well as, encouraging IT professionals to transition through various sectors and educational opportunities to keep their experience fresh and relevant. The panel discussed some of the current issues and possible solutions that involve sharing information, the importance of nonprofit interlocutors, the problem with classified versus unclassified information sharing, zero trust, and more. The cybersecurity experts also discussed educational opportunities, crossover through sectors and the role of leveraging academia and cyber labs to find solutions.

In the final segment of the podcast, the guests discuss some of the highlights of the 2019 Cyber Florida Conference and list topics that they would like explored at the future conferences.

You can find part 1 and 2, as well as other episodes of No Password Required Podcast, on our website at https://cyberflorida.org/podcast/. This special edition was recorded at the 2019 Cyber Florida Conference in Tampa, Florida. Learn about upcoming Cyber Florida events, including the Annual Conference, at cyberflorida.org or follow us on social media.

TIME STAMPS

01:30 Partnering Competitively & Cyber Ecosystem

07:17 Cyberizing the CEO

10:43 Cyberizing the Principal

13:48 Public-Private Partnerships

15:51 Nonprofit Interlocutor & Scaling Partnerships

17:32 Collaborating for Information Sharing

19:00 Zero Trust

24:42 Classified vs Unclassified Sharing

25:30 Surprises from the Cyber Florida Conference

During Cyber Florida Conference 2019, a panel of respected cybersecurity experts gathered to share their insights on how cybersecurity impacts the C-level professional, changes in accountability and business models, and what it means to build a cyber-strong workforce. The panel was moderated by Mark Clancy, Chief Information Security Officer (CISO) for Sprint. The esteemed guests on the panel were Diane Janosek, NSA Commandant of the National Cryptologic School; Andy Zolper, SVP, CISO, and Head of Technology Infrastructure for Raymond James Financial; and Terry Roberts, Founder and President of WhiteHawk, Inc.

C-level professionals have been a driving force in developing business and securing infrastructures. Recent breaches resulting in CEO firings and similar repercussions are impacting the way many C-level leaders are engaging with technology and their workforce’s cyber culture. Cyber Florida took the opportunity at the conference to help both the C-level professionals and stakeholders who are part of their decision-making process with a discussion titled “Cybersecurity and the C-Suite.” The panelists discussed why it is vital for C-level executives to embrace cybersecurity education and innovation. The experts spoke to what factors C-level leadership face in their organization and workforce in relation to security, networking, and data fundamentals. A large portion of the conversation focused on identifying what it takes to onboard a workforce in this computer-centric modern life (with the phrase “cyberize” being coined to discuss the process), and understanding the crossover that is occurring because of the inter-connectivity of roles and risks.

Panelists discussed case studies and resources, such as cyber executive programs, where C-level professionals can:

• learn the basics of cybersecurity,
• embrace accountability at the C-level,
• identify the risks and opportunities of current infrastructure and future tech,
• learn how certain business models are changing as a response to technology,
• establish pillars for a robust cyber culture,
• understand independent cyber risk ratings as a commodity,
• develop a cyber-strong workforce, and
• create a constructive response plan to cybersecurity attacks and cybercrimes.

This is a two-part edition with the second part discussing the personnel gap in cybersecurity and what can be done about it. You can find parts 1 and 2, as well as other episodes of No Password Required podcast, on our website at https://cyberflorida.org/podcast/. This special edition was recorded at Cyber Florida Conference 2019 in Tampa, Florida. Learn about upcoming Cyber Florida events, including the annual conference, at cyberflorida.org or follow us on social media.

TIME STAMPS

00:42 Who is Diane Janosek, Cybersecurity Expert, Cyber Security Woman of the Year

02:03 Who is Andy Zolper, CISO at Raymond James Financial

02:45 Who is Terry Roberts, Cybersecurity Exchange

03:58 How to Communicate Cybersecurity to Leadership

07:25 C-Level Accountability, Cyber Risk Ratings are a Commodity, Cyber Executive Program

09:53 Hiring a Cybersecurity Workforce and Training a Cybersecurity Culture

15:55 Innovation in Education for Cybersecurity and Cyber Risk Training

18:50 Identifying, Leading and Managing Critical Skills

21:54 Cyberize Your Team, Workforce Crossovers, and Cyber Defense Ecosystem

26:07 Business Interruption and Constructive Actions to Address Cyber Crimes

27:35 Cyber Executive Programs and Case Management