HAVE I BEEN PWND?
Enter your email address (work and home) and find out if it has been a part of a data breach. Does not contain data on all breaches worldwide, but it has a lot of them. Set it up so that you’ll automatically be notified if your address appears in a future breach. You can also arrange for all addresses in your company domain (@yourfirm.com) to receive the same notification.
STAY SAFE ONLINE
A great resource for both your business, and you as an individual (and your family members, etc.).
The U.S. Federal Trade Commission wants to hear from you if you’ve received a spam email. Your ISP should filter most of it, but anything that gets through is probably more dangerous than you might think. Forward the spam email to the Federal Trade Commission at firstname.lastname@example.org. Be sure to include the complete spam email.
NO MORE RANSOM!
In some cases, keys to decrypt encrypted files are available. Find out if you’re one of the lucky ones by visiting No More Ransom!
Cybrary is a great resource for a wide range of cybersecurity training, and best of all: free.
Habitu8 helps companies build effective security awareness programs though their unique, engaging, and entertaining training videos. I’ve been through some terrible security training in my time, and I only wish they had Habitu8 back when I started.
Once you’ve got the awareness situation addressed, Elevate Security works on changing the behavior of your employees by exposing them to how hackers think, giving them a new perspective on what they should do, how and why they should you do it, and how it all comes together from a security perspective.
THREAT MODELING THURSDAYS
Threat modeling is how you figure out what’s important to you and what you worry about the most. Key factors in building a sound cybersecurity program. Adam is a world-renowned expert who literally wrote the book on how to threat model.
TWO-FACTOR AUTHENTICATION: DUO SECURITY
A commercial product that is well done, highly regarded, and not terribly expensive (free up to 10 users).
TWO-FACTOR AUTHENTICATION: YUBIKEY
If you’re really taking this 2FA thing seriously, and don’t want to use personal cell phones for receiving factors, Yubikey is a very small and easy to use hardware-based solution. It is more expensive than Duo and requires a little more management on the part of your IT people.