

How to protect your business from a security attack

Recently, I caught up with Priority One IT Support to provide advice to business owners on how they can protect their business from a security attack.

A glance at the media will show that attacks are not only on the rise, but the types of companies under attack are also varied. Whereas previously only the largest of companies and financial institutions came under attack, these days companies of all sizes and industries are targeted.


Protecting your business

From a fundamental perspective it’s almost impossible to prevent 100% of all attacks, but you can reduce the impact that they have by:

  1. Understanding your key data elements and focusing your security controls around these.
  2. Putting in place controls that can isolate and closely monitor those critical systems.
  3. Understanding where you may be vulnerable. This will vary depending on your business, e.g. if you are on a ground floor it is riskier leaving a window open compared to someone 10 floors up.

Common pitfalls

The most common pitfall is lack of user education and awareness. For example, if a member of staff receives an email informing them they have won the lottery, they should know to ignore it. The basics of user behaviour and education often let a business down.

The second, often overlooked issue is the lack of robust monitoring controls. Many companies only discover they have been hacked many months later, once it makes the news.

What to do in the event of an attack

A business should have a plan in place before an attack takes place.

  1. Formulate a plan that includes steps to inform internal staff, stakeholders, partners, and customers.
  2. Know how to isolate systems to limit the damage and assess the impact.
  3. Have backups in place from which services can be resumed as quickly as possible.



Things I hearted – no more

Things I hearted has probably been one of the most regular series of posts I’ve done in recent times. At the same time, I was doing a weekly roundup over at my AlienVault blog. So, in the interest of saving time, energy, and preserving my youthful good looks, I decided to not only combine both into one weekly roundup – but also add a video element to it.

It ends up being all the same links you love – just a new home and a new format. I’ll still be listing out all the links and stories I found interesting during the week from the world of security and beyond. But this time with added video commentary.
Let me know what you think of the newish format.


Things I hearted Last Week

For the week ending 25th September 2016


On one hand, vendors want users to patch their systems and keep them secure. On the other hand, actions like this cause people to not want to apply official updates.


North Korea just accidentally turned on global zone transfers for their top level domains, archive of the data here.


My good friend James McQuiggan attended (ISC)2 congress where he not only MC’d the leadership awards, but also won the Presidents Award for a volunteer who has contributed to advancing the security profession. He wrote a nice writeup of the event.


The war Microsoft should have won.


Over 60k vulnerabilities went unassigned by MITRE’s CVE project in 2015. Good research on the issues with CVE and what needs to be fixed.


Building Spring Cloud Microservices That Strangle Legacy Systems. A good post on legacy systems, handling data etc. Worth bookmarking this one.


Well-written piece on how terrorists use encryption.


2016 best WiFi hacking and Defending Android application.


Things I hearted Last Week

For the week ending 18th Sept 2016


I’ve stopped even trying to understand digital ownership and how copyrights work. Getty images tries to make original photographer pay for her own photos.


Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years.

Apparently this has been running for a while, but only the payment details were made available for the last two years. According to Krebs, it looks as if two people were the masterminds behind the operation. So that would be an average of $150k each a year. Then you subtract the costs of running the operation, any additional resources they need, and the cost of laundering money, and it’s likely they took home something closer to $100k each a year. Now $100k is by no means anything to turn your nose up at. But they probably could have ended up better off if they’d chosen a legit route to market.


Still in Israel, How Israel’s startup community shut down an IPO that one investor called a ‘sham’


If you look up the word ‘irony’ in the dictionary, you’ll probably see a link to this article where adblock itself is to begin selling advertisements. It illustrates the difficulty online businesses have in generating revenue streams outside of advertising. Thus lending credence to publications and sites that have a lot of adverts. All I can think of is the quote from The Dark Knight: “You either die a hero, or live long enough to see yourself become the villain.” But seriously, is this where adblock moves from a pure ad-blocking service to an ad-moderating service? Will it spin up the security angle that it only serves ads free from malware? How long before an AV vendor buys it and bundles the capabilities into its consumer version?


A detailed account by Wired on how it made the move from plain old HTTP to the shiny HTTPS. I like real-life tech stories – and this is nicely written.


Uber, Square, Airbnb, and others form cybersecurity coalition for vetting vendors. I like the idea in principle – to save duplication of effort and standardize on some aspects. But actually effectively implementing something like this… ummm.


Discovering how Dropbox hacks your Mac.


I wasn’t able to make it to 44Con last week, but the feedback from the event has been great. I noticed Steve Armstrong posted his slides on Advanced Incident Remediation techniques. Steve’s a great presenter and really knows his stuff.


CB Insights has a wonderful periodic table of cybersecurity startups.


FBI trying to build legal cases against Russian hackers.


Not quite security, but a good post nonetheless on critical thinking for software engineers.


Finally, nothing is sacred. A ‘memory hacker’ explains how to plant false memories in people’s mind!



Things I hearted last week

For the week ending 11th Sept 2016


Yes, I’m late again. Don’t blame me – blame Gartner! Well, the fact that I was attending the Security and Risk Summit in London and then I was catching up on work and then… well you’re not interested in my excuses, let’s get onto the juicy stuff!


I read this article on “predictive policing” and how police could learn a lesson from Minority Report and couldn’t help thinking about the parallels that could be drawn to security.


Fake attacks by insiders to fool companies


This is pretty cool – USBee – air-gap covert-channel via electromagnetic emission from USB. (PDF). There’s also a video showing it in action.


Age diversity an issue? What happens when a 54-year-old esteemed Apple engineer applied for a job at the Genius Bar. What happened next will shock you! No, I don’t think I’m quite at that level of click-bait yet.


Snagging creds from locked machines by using a plugin device that masquerades as a USB Ethernet adaptor.


Hacker takes down CEO wire transfer scammers and sends their Win 10 creds to the cops.


Detecting malware with Memory Forensics. (PDF)


Little Flocker beta is out. It’s a product similar to Little Snitch, but for file access instead of network connections. Looks pretty cool.


Internet Disinformation Service for Hire – isn’t that pretty much all of the internet? I’m sure my Facebook feed is filled with more disinformation than anything else. Please share this post and type amen or something bad will happen to you!


The employee badge that monitors where you are and who you are talking to. Umm yeah, totally a cool thing and like “fitbit for your career”. Nothing creepy about this at all.


Don’t like security restrictions? Just ignore them. Clinton email highlights frustrating reality of bypassed IT policies


IoT security vulnerability disclosure: A tale of two industries


Finally – an interesting article on being patient and how invention is only the first step of innovation. When you change the world and no one notices.