How To Transition Cybersecurity Awareness Month Into A Common Practice

October 17, 2022 00:31:06
Chief of Cybersecurity
Hosted By

Dewayne Hart

Show Notes

Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. 

Although the observance takes place in October, cyber safety needs to be practiced continually. This interview session draws attention to why cyber awareness is important and how to extend learning beyond October.

Episode Transcript

Alright, alright, we're back in the Atlanta studios here Rich casting over Global Podcast Studios headquarters in Atlanta, Georgia. If you've been down this way, stopped by. But speaking of stopping by, we have the Mr. Dewayne Hart in the studio. Uh, everything cybersecurity. He's literally written a book on the topic. He has a longstanding podcast going into season two. I believe it is, right, yes, right, yes, and and that's for the podcast. And you've added another element, which we just did a recording of taping here in the studio, a live stream on YouTube and that's getting some great traction on that end. But back here in the studio. So, um, what's interesting about this podcast in this episode is talking about timing. It is the official month, drumroll please for Cybersecurity Month. It is. And this a little bit of the backstory I've heard about it. I didn't realize the backstory. This was actually created in two thousand and four. Um, the President of States and Congress declared October to be Cybersecurity Awareness Month. That's been going on eighteen years in the making. And um, so let's jump right into it. I've got a lot of questions on this, um, the topic of the month. So let's first of all, what is the what do you think that in your mind? I mean, you're you're the subject matter expert on this.
What's the purpose of Cybersecurity Awareness Month? Well, it's not for people to run and hide. That was for sure. Okay, all right, you know while you're looking at me when you say that, yeah, you know, it's it's it's that in this society, we we actually have the cybersecurity fears that are going on where people are very afraid of cybersecurity for some odd reason. And cybersecurity is a shield that serves to protect our lives, information and data. So with that said, Cybersecurity Awareness Month has its pluses, and you know, the the plus is to cybersecurity aware of this month. It's so that people can't engage, you can understand how to use cybersecurity. This is the time to sit back and take an evaluation of yourself and your engagement or if you're on a corporation, what are some of the things you need to do to improve your cybersecurity programs? Also too, taking a deep view into a security state. Because the month of October for cybersecurity awareness has always been focals on users users, but now that needs to be a deep view into the security state of a company, so that you can take a view and see are we really practicing cybersecurity as we should or are we just getting by. Changes happen, and corporation have the adfurcate changes too, because with cybersecurity is constantly changing, there's all kinds of different critical issues that are happening.
So it's the time to focus. Yeah, it's definitely. Um, it's something that should be you know, you talk a lot, you know, throughout the year, there's different things to do, but it's like you know, your New Year's resolutions, you kind of re-evaluate what you did the last year. In business, you look at your you know, quarterly reports and evaluate and decide what actions need to be um, maintained or changed. Uh. And speaking of changes, I was thinking about much like um, you know, when when the at least in the US, when we have our time change, it should it sends a signal to say, of a minor to change your battery and your smoke alarm. So much like cybersecurity. When this, when this rolls around, it's like, let's take a step back and re-evaluate, you know, what do we do right last year in cybersecurity in terms of our organization, what new things do we need to tackle right? But that makes sense, yes, it's yes, it does make sense. But it requires the organization to have some actionable data and to collect metrics and to use those metrics as a development platform and at because those metrics are designed so that the organization can see what the security rectness stands.
And with the security rectness, it focuses beyond users, but also looking at your technologies, looking at your vendors, looking at your business process, looking at how you invest in the cybersecurity and also too coming up with a plan for your future state where what do you want to carry cybersecurity for that next year. But let's talk about what are some activities that organizations should you know. It should occur during October. Training, training, train and train. Training can be formal or it can be informal. Uh, formal is let's sit down in the classroom and talk about cybersecurity. Or it can be informal where you start to have larger discussions and part of old discussions falls into a team involvement and they look at you different technology teams and also looking at two different um non-technology teams and branching those two together and started and having a conversation about the previous year and where do you want to vehicle cybersecurity right next year? Yeah, because a lot of times we think that just lays on the shoulder of the of the IT department. But anybody in your organization that is connected to the internet right start there. They need to be involved and they need um. And you mentioned about learning, so it's again kind of learning from what we did and learning about there's always always always new developments, right.
So uh, the operative word there is awareness, yes, it is because of the growth mindset continue to develop. So what are some things people should be aware of? What would be on your short list? Uh? Well, I think that people should be aware of some of the things that affect their environment. Okay, okay, if you look at some of the environments, um, you know you want to look and try to think about how incidents happens. You want to look and see whether all your employees are engaged into cybersecurity, have that mindset all right? You also want to look and see whether there's complacency because complacency is very important because if an organization has a group of users that are complacent, and that's a risks a lot of problem. Even if you have phishing attacks and so forth, and people are complacent, they are serving as a sweet spot for phishing attacks. To care. One of the other things things always like to talk about, it's that it's that you want to make sure that you have a continuous engagement, so that means everybody has to be involved. You know, you want to be able to address cybersecurity from the front line and have a proactive environment because you don't want to have a have more of a reacting virus, because reactive means that we are in the emergency mode and we're fighting from the rear. Right.
Yeah, I mean it's like I mentioned at the top of the show about the New Year's resolution. A lot of people have fitness in mind, right, so you can't just go to the gym in January and be set for the year, right. So in cybersecurity, you can't just be like, um, well we checked that off our list last year. You know you can't do that, right, so let's um so when you put these or when you put these individuals, your employees and in a room for training, you mentioned earlier. What are some of the discussions that you know should be on the shortlist? Uh, that are most critical cybersecurity awareness? Wow? You know, you know the traditional way has been talked about passwords, social, social engineering, um, talk about the type of things that are used to protect information assets in the person. I like to take it to another level. Alright, alright, let's do it. There you go. You better strap in if you're listening to this in your car whenever, hold on taking it to another level, go on, Dewayne. Organization should do this. Where is your cybersecurity mindset? Right? Organization can take my book and pick a chapter out of there and we're gonna talk about four the chapter or five chapters that are relevant to this.
But when they put him in the room, uh, you know, I have we have a note here about ransomware is probably top of the list, right, yes, yes. And you put people in a room, right and really, really, what you're trying to do is to have an open discussion. But you want to make sure that they understand the purpose of having a cybersecurity mindset, because if you put them in a room and a lot open type of discussion and if you evaluate your team and trying to see what they focus, trying to see what their weakness is at, and seeing what the overall knowledge is about. Because anybody can go to go to a computer and sit there and listen to a video for fifteen minutes and just keep going through the PowerPoint slide. But in a learning environment, you want to see how well people can engage into cybersecurity. So when they're learning how to engage into cybersecurity, this is where ransomware comes up. Okay, do they know what ransomware is? Do they know that when you get these attachments that that you need to evaluate those attachments. You cannot just punch the attachment because the ransomware of major slops. Even so, looking at some of the other critical things like a critical infrastructure right right right, you know you want to have that discussion because if the country and infrastructure goes down, uh, you know, you won't have wireless uh communications.
You know, the water plants are offline and things such as the utility plants as well too. You know you don't have power. See, those things are very and very and very important as well too. And looking at your suppliers because as I said, because those can change throughout the year. We onboarded some people, you know, three months ago. But let's take a step back and see where they fit in the mix. When you look at that deep security state, what you're looking at is your environment from a three hundred and sixty degrees of security visibility. Right, you want to look at all the different intricate pieces that fall under your organizations and your suppliers is one because you engage them, because you have to have that discussion, because if you don't, people would assume that every supplier is um it's honest, or their trans transparency, or you may have changed suppliers um during the year. And this is a chance to take a look back and say, okay, last year we had these ten suppliers, we replaced three of them.
We need to kind of take a closer look at those right, right, you know, you take a look and see what your weak point, how did how did you fail with those supplies, how did you succeed um um looking at your service level agreements that you have in place, all right, looking at your operation level agreements and your privacy level agreements that you have in place, and seeing what they affected. Because cyber cyber awareness, and I'm going to restrict this. It goes beyond the typical user based security, making sure you protect your passwords, making sure you don't share your passwords. We have to expand cyber awareness, right. And we've been talking a lot about companies, organizations and by the way, Rich casting over here alongside Dewayne Hart, we're listening to um an interview with the man that wrote the book on cybersecurity and as well as a podcast. So before we jump into the next topic of pivoting from companies to individuals and like parents and so forth. Um. If this isn't of interest to you intriguing, um, you can reach out to Dewayne. Just go to Dewayne Hart dot com. You can find his book there, his podcast links everything you need to know about cybersecurity just at Dewayne Hart dot com. Okay, so Dewayne, let's talk about you know, we can talk about companies.
Um, uh, I remember you had this aha moment a number back, I think in season one about parents and cybersecurity. What was the phrase you came up with there and and talk to us about that digital parents. Yeah, here's why cyber here's why cyber awareness is so important. If you're a parent, I want you to put your coffee down. I want you to listen to me for a second. There are potential risks for the youth on Snapchat and use of cell phones, use of tablets, PCs, PlayStation game TikTok's and everything else checked TikTok and all these accounts. You have to know who your youth are communicating with, and you have to become a digital parent. Digital parenting in the Cyber Awareness Month and me as the Chief of Cybersecurity, here's kind of what I want all digital parents to do. I want you to focus beyond just cutting the cell phones off at ten at night, all right, because that's a large discussion about. Yeah, that's a digital parent. You know you just cut the cell phones off. No, you need to be involved with the PlayStation games. See how they operate, right. Who are the friends in that network Snapchat in different types of friends.
They may have learn about parental controls because you have your parental controls on your smart TVs, especially on Netflix, all right, but you need to have parental controls established on your smartphones, on your laptops, your tablets because now the youth are probably taking classes from home. Right, yes, some of that's needed right for our current school system. But you just hit on something we should do uh later down the road. Whole episode just on gaming and cybersecurity and Twitch and that's a whole you know, um whole another topic hole. But speaking of you know, um digital parenting, Cyber Monday rolls around this time of the year coming up, right, and that's the holiday shopping and so you have a lot of employees that are online, you know, shopping which they probably shouldn't have, and then there's deals that are um, you know, it just goes in kind of warp speed. So they see these eight you know, uh fifty off deals and there's it's very enticing to jump on that without much awareness of you know, what's going to be the repercussions of that. And it is October, so although we shouldn't be scared about it, it is Halloween. I don't know if they did that intentional or right, building cybersecurity round the scariest month of the year being Halloween.
But I stated before the purpose of this podcast is to remove the cybersecurity fear. Exactly right, exactly, but be prepared. I mean, much like we've had some storms recently, right, things are going to happen in life, whether it's online storm so to speak in terms of cybersecurity, or a man-made or a storm otherwise right, criminal activity or or nature based a storm. It's about like when when the hurricane's coming at you or the tornado, people board up their windows and so forth and leave town. But we don't sometimes we don't connect that with online. Um, you know issues. You know, you know why why did people have a disconnection between online and regular life. It's because when they think about safety, people are more focused on the physical form of safety. Digital safety is about cybersecurity, all right. It is about beyond beyond passwords. Because with safety, you know, human beings are focused on what can they visually see. Cybersecurity you can't visually see, okay, because it's digital. So that means you have to get into the roots of digging down and search for information and find passwords and so forth. Now, now, being a digital parent and the chief of cybersecurity is going to give you some orders for this month. Now I'm gonna go and put on my military uniform. Okay, all right, in digital parents out there, please go do your homework.
Please go listen to the previous podcast that I have presented because as a digital parent, it is very important that you understand cybersecurity. Absolutely. Speaking of previous content, we're gonna talk now about um uh, some chapters in your book very pertinent to this. But you mentioned passwords a number of times throughout the podcast so far, and I made a note here just you know that came to my mind, is what's the three most important things in real estate? Is what location? Location, location? In cybersecurity, it should be password, password, password, right, because that's correct me if I'm wrong, but that's in many cases the entry point, right. If they don't have your password, they're not going to be able to gain access to your data in many cases. Yes, right. So password, password, password. Password, password, password. Because you're trying to make sure that the bubble stays protected, because because the people that try to unlawfully gain access, they wanted to penetrate that bubble, and around that bubble is cybersecurity in the shield, and you have to protect that information. So what they're trying to do is to defeat everything that you are supposed to be doined rhet row right. Yeah, I mean much like the financial industry. Um, your ATM card is all based on your PIN.
If they don't have access to your PIN, it's kind of useless to plug in the machine if you don't have that password that PIN. Okay, so let's let's move on before we run out of time here. So um, speaking of Cybersecurity Awareness Month, uh, aligning with your book, there is physically five chapters that are addressed this. So let's let's kind of do rapid fire. So first comes up chapter four. Talk to us about the connection with chapter four and Cybersecurity Awareness Month. Chapter four is about everything I have already discussed alright. Sixteen, let's go to chapter sixteen. Then the value proposition. Value value proposition means that that what type of service can can you provide to your company? Because if you're cybersecurity focused, then it makes it easy for your company and they can save money from these attacks. Okay. Chapter seventeen, digital monetization. Technology changes. Technology is changing so much every day, and organization have to invest into technology. And part of your cyber cyber awareness is to understand your security state. Because over the past year, if you kept metrics and trends and and data, you know that you need to modernize your environment and part of that monetization comes from your cybersecurity awareness programs that you have in place. Okay, chapter eighteen, workforce modernization, it's about training.
Yeah, kind of what we talked about the top of the podcast. Yes. Training. So it can't just be like I get your IT department or the owner of the company or somebody at the C-level suite, right, it has to be that hacker's mindset or hackers had throughout the entire organization. Speaking of that's my popular or chapter is after nineteen is hackers had. It's simple, okay, you if you want to raise your awareness, you as the person has to be thinking like a hacker does. Okay. Part of that whole entire picture is to make sure that your cybersecurity mindset is constantly operating, constantly moving because you have that cyber focus attitude. This is rever This is simple talk. Cyber focus attitude equals strong cyber awareness program, right. And in order to get all of that, think about your mindset that needs to be in place. All right, and and I'll say that over and over and at the chief of cybersecurity is cyber awareness. Want I'm charging everybody to study all the digital parents, please go out there and do your homework and start to protect the youth. Okay, and kind of you know, recap, but we have some new topics here too. Um.
We'll have a list of four call to actions, right, so I think the first one is is awesome um that I don't know if you have this phrase where this comes from, but the concept of before you think before you click, right, so, I think that's a great um you know area. It's much like you know before you when you start the car. Right. We've all been through driving education school, right, so, um, they teach you a list of getting the car, check your mirrors, adjust your your mirrors and so forth, you know, put it in in park, start the car, and that's an entire checklist. So before we click you know online, you know, uh, we gotta think about a checklist. What do we do? What's the protocol? But much like the car analogy, we now kind of do that on autopilot, right. We don't have to overthink it, but it has to be trained from the focus. I like that first one before you click. Any other thoughts on that one? Rich you are wearing your hackers today, I'm I'm going to still stayed over here man, and uh say you're doing it. Yeah, I like that. Well, I've learned from the best. So number two of this four checklist here would be talked about updating your software. Very important. Updating your software. This is part of knowing that software gets old and they have vulnerabilities on your systems.
Stay active on updating software. It's just straightforward. This is one of the ways where my hackers tried to penetrate the bubble. If you have outdated software on your systems as well, be smart about that. It doesn't take but a couple of seconds to say yes, and your Windows eleven desktop machine will execute on its own. All you have to do is is to authorize the update. Okay, and uh, we've number three. We talked a lot about passwords, but talk to us about, um, you know, creating a what's that ideal password? What are some elements that um kind of rule of thumb of creating a password that is less likely to be hacked? What are some guidelines of you know, when you create a password? Okay, a combination of letters characters is a strong password. I would say that if someone wants to create a sixteen character seventeen character password, it's privately safer for a four character password, it's not says right right? Um maybe so, um it sounds perfect easy to remember. It's yeah, it's easy to remember the sims. Some of the recent phenomenon. When I'm creating new accounts for new widgets online or services, I'll use one of my standard passwords. I'm not going to share right now, but but they'll say this is too common of a password, even if I've never used on their platform before, they say that it's too common. Right.
Another rule of thumb is, 298 00:24:22.759 --> 00:24:26.319 um, if I guess a good website would give you the instructions of 299 00:24:26.279 --> 00:24:30.279 don't use a password that's also contained like can you use her name or your 300 00:24:30.319 --> 00:24:34.599 email? Right? Right? I mean it seems maybe common to you, 301 00:24:34.640 --> 00:24:38.119 but it share those words of wisdom with our listeners. There goes to science 302 00:24:38.119 --> 00:24:45.480 behind a password. You're a common special character numbers and symbols. A password 303 00:24:45.480 --> 00:24:49.519 system, well, most of your online system will will go and tell you 304 00:24:49.559 --> 00:24:53.599 that this has to be a minimum eight, twelve, fourteen or sixteen characters. 305 00:24:53.759 --> 00:24:59.359 Right, So when it tells you the minimum, this is exactly what 306 00:24:59.400 --> 00:25:02.640 you need to follow. If it's a minimum of twelve. Well, you 307 00:25:02.680 --> 00:25:07.200 can have sixteen characters, you can have seventeen characters. I do not recommend 308 00:25:07.319 --> 00:25:14.680 using a password generator online because nobody else is used. If you do, 309 00:25:15.039 --> 00:25:18.359 a person that cannot remember a password, you write down on the sheet of 310 00:25:18.400 --> 00:25:21.519 paper, hide it and lock it somewhere and you lock it up. Okay, 311 00:25:21.680 --> 00:25:23.799 all right, if you if you lock it up in your closet, 312 00:25:25.359 --> 00:25:30.839 in a shoebox, nobody can use the Internet to go get that password because 313 00:25:30.880 --> 00:25:36.079 it's not on a system anywhere. So you have to have that kind of 314 00:25:36.119 --> 00:25:40.319 mindset in place. One of the other things, too, is to just 315 00:25:40.640 --> 00:25:44.680 change your password on a random basis, maybe like every ninety days or so. 
316 00:25:45.920 --> 00:25:48.200 Almost said, like a lot of things I do like that is I'll 317 00:25:48.200 --> 00:25:52.319 set a Google reminder on my Google calendar. Just comes up. It's time 318 00:25:52.359 --> 00:25:55.480 to again, go back to changing your your batteries in your smoke alarm. 319 00:25:55.839 --> 00:25:59.839 Right, those aren't gonna last indefinitely, right, and if they're not updated 320 00:26:00.119 --> 00:26:03.400 like your software, your smoke alarm is not gonna work when the fire kicks 321 00:26:03.400 --> 00:26:06.319 in. Right, So last last item on our four lists, and see 322 00:26:06.359 --> 00:26:08.640 if you have any other closing thoughts. But um, talk to us about 323 00:26:08.799 --> 00:26:19.359 MFA. Oh, it's like a little scary here we go. 324 00:26:19.920 --> 00:26:25.799 Let me just make it simple, okay, please, okay, use the 325 00:26:25.920 --> 00:26:30.640 name and password and something else like a token, right that you got? 326 00:26:30.799 --> 00:26:36.839 What do you mean by a token? Token is a device that has a 327 00:26:36.839 --> 00:26:41.599 a certain digits a number on there. Okay, And and you know, 328 00:26:41.720 --> 00:26:45.680 most of the organization will go have you to put in a user name and 329 00:26:45.720 --> 00:26:48.960 password, but then after that you got to put a token in right that 330 00:26:49.039 --> 00:26:53.160 they supply to your email address. Another layer of security, which as a 331 00:26:53.279 --> 00:26:56.079 user is a little bit of a pain or a hassle, but it probably 332 00:26:56.079 --> 00:27:00.920 makes you feel more secure, right, Yeah, you know, some small 333 00:27:00.960 --> 00:27:04.119 inconvenience for the big picture price. Yes, when you put your username and 334 00:27:04.119 --> 00:27:08.200 password, and then after that you get an email code and put the code 335 00:27:08.240 --> 00:27:11.440 in. Yeah. 
Yeah, you can have used a hard token as well 336 00:27:11.519 --> 00:27:15.480 too, which is by companies like RSA, which is which actually 337 00:27:15.559 --> 00:27:19.920 have those codes on a little piece of device that could change this rapidly for 338 00:27:21.000 --> 00:27:26.160 you as well too. Uh. Most of the large organization will go have 339 00:27:26.480 --> 00:27:30.319 MFA, and most of the websites, banks in everywhere else is 340 00:27:30.319 --> 00:27:33.319 pretty much following the same, the same standard. Now you just kind 341 00:27:33.359 --> 00:27:40.680 of make sure that you enable that. But proactively make sure that you enable 342 00:27:40.799 --> 00:27:42.799 this. All my digital parents out there, listen to me. It's the 343 00:27:42.880 --> 00:27:48.960 chief of cybersecurity. Make sure that you enable this. And I'm gonna keep 344 00:27:49.160 --> 00:27:53.519 talking about digital parenting because it's such a critical issue. Do you not know 345 00:27:53.720 --> 00:27:59.880 that? When when I went on LinkedIn and I posted my live show 346 00:28:00.160 --> 00:28:04.680 for digital parenting, I had someone that was involved with one of the federal 347 00:28:04.759 --> 00:28:10.359 agencies that was going to study on this okay and told me that this was 348 00:28:10.400 --> 00:28:14.759 way over written here because he was working on his doctorate program and said that 349 00:28:14.839 --> 00:28:18.480 it was a great topic to go have. He said he's been arguing about 350 00:28:18.519 --> 00:28:23.599 this for like years, and um, maybe later on in the podcast session, 351 00:28:23.640 --> 00:28:27.680 I should find out who we who this person is and see if I can 352 00:28:27.680 --> 00:28:32.839 get him on the live stream because this would be very important digital parent um. 
353 00:28:32.960 --> 00:28:34.720 Yeah, and maybe during the holidays would be great too, because people 354 00:28:34.759 --> 00:28:37.759 sometimes let down their guard when they're out shopping or they're you know, over 355 00:28:37.839 --> 00:28:42.640 extended, um and they're traveling with family and friends and so forth. But 356 00:28:42.720 --> 00:28:48.200 yeah, I think the digital parent is a very um important topic. To 357 00:28:48.279 --> 00:28:51.640 do a little deeper dive in another episode. Right, but what's interesting about 358 00:28:51.680 --> 00:28:56.160 again the Halloween analogy being October and cybersecurity month is when you send your kids 359 00:28:56.160 --> 00:29:00.559 out trick or treating, it's not like, um, everything goes right. 360 00:29:00.599 --> 00:29:03.440 You want them to have fun, just like, but you want to 361 00:29:03.839 --> 00:29:07.240 you know, keep your guard on, uh you know what's happening when they're 362 00:29:07.240 --> 00:29:10.319 out trick or treating, and keep them safe because they're in costumes and you 363 00:29:10.319 --> 00:29:12.480 know you don't want them wandering out in the street and getting you know even 364 00:29:12.519 --> 00:29:18.000 just you know, tripping and um, getting a bump on their knee or 365 00:29:18.000 --> 00:29:22.359 whatever. Right, something's small to too major and back to like the online 366 00:29:22.400 --> 00:29:26.359 there's there's amazing things kids can kids can learn from education. It opens up 367 00:29:26.400 --> 00:29:33.680 a world of opportunity and education right around the world and in the past that 368 00:29:33.720 --> 00:29:37.160 wasn't available to them. Right, But just got to be uh mindful, 369 00:29:37.319 --> 00:29:41.640 mindful exactly what is what is perfectly going on? 
You know, you just 370 00:29:41.680 --> 00:29:48.519 have to stay engaged, you stay active, um and and stay tuned to 371 00:29:48.599 --> 00:29:55.000 this episode, stay to this episode here and just realize that cybersecurity it's a 372 00:29:55.079 --> 00:30:02.599 change in environment. Activate your cybersecurity mindset, uh and be smart what you 373 00:30:02.720 --> 00:30:07.000 do all digital parents in the chief of cybersecurity is holding you responsible. I 374 00:30:07.039 --> 00:30:11.599 am gonna keep on and you know who you are exactly. Yeah, we're 375 00:30:11.599 --> 00:30:15.640 not mentioning any names, but yeah, okay, Dwayne, was a pleasure 376 00:30:15.680 --> 00:30:18.119 having you back in the studio and we actually actually have at least one more 377 00:30:18.119 --> 00:30:22.559 episode coming up this month October and Cybersecurity Awareness Month. But this was a 378 00:30:22.599 --> 00:30:27.240 great UM springboard to launch off the month and the celebration of this and awareness, 379 00:30:27.559 --> 00:30:32.960 So UM again. Visit Dwayne Heart dot com for all Things for You 380 00:30:32.960 --> 00:30:37.359 can purchase his book from there, listen to previous podcast episodes linked to his 381 00:30:37.440 --> 00:30:40.720 YouTube for his live stream, UM even some you know Q and A. 382 00:30:40.759 --> 00:30:42.400 If you have some questions, you can reach out to UM the man of 383 00:30:42.400 --> 00:30:47.160 the hour, Dwayne Hart. So we'll see you next time on this episode 384 00:30:47.319 --> 00:31:00.319 and on the internet. Be Safe. Two
