Episode Transcript
WEBVTT
1
00:00:02.359 --> 00:00:05.480
Alright, alright, we're back in
the Atlanta studios here Rich casting over Global
2
00:00:05.480 --> 00:00:10.000
Podcast Studios headquarters in Atlanta, Georgia. If you've been down this way,
3
00:00:10.039 --> 00:00:14.560
stopped by. But speaking of stopping
by, we have the Mr Dwayne Hart
4
00:00:14.560 --> 00:00:18.640
in the studio. Uh everything cybersecurity. He's literally written a book on the
5
00:00:18.640 --> 00:00:22.160
topic. He has a longstanding podcast
going into season two. I believe it
6
00:00:22.239 --> 00:00:25.839
is, right, yes, right, yes, and and that's for the
7
00:00:25.879 --> 00:00:29.120
podcast. And you've added another element, which we just did a recording of
8
00:00:29.199 --> 00:00:33.039
taping here in the studio, a
live stream on YouTube and that's getting some
9
00:00:33.079 --> 00:00:37.399
great traction on that end. But
back here in the studio. So,
10
00:00:37.880 --> 00:00:41.560
UM, what's interesting about this podcast
in this episode is talking about timing.
11
00:00:41.719 --> 00:00:47.399
It is the official month, drumroll
please for Cybersecurity Month. It is.
12
00:00:48.119 --> 00:00:50.439
And this a little bit of the
backstory I've heard about it. I didn't
13
00:00:50.479 --> 00:00:54.359
realize the backstory. This was actually
created in two thousand and four. Um,
14
00:00:54.560 --> 00:00:58.840
the President of States and Congress declared
October to be Cybersecurity Awareness Month.
15
00:00:59.119 --> 00:01:03.079
That's been going on eighteen years in
the making. And UM, so let's
16
00:01:03.159 --> 00:01:04.480
jump right into it. I've got
a lot of questions on this, UM,
17
00:01:04.719 --> 00:01:08.439
the topic of the month. So
let's first of all, what is
18
00:01:08.480 --> 00:01:11.000
the what do you think that in
your mind? I mean, you're you're
19
00:01:11.040 --> 00:01:15.640
the subject matter expert on this.
What's the purpose of Cybersecurity Awareness Month?
20
00:01:15.319 --> 00:01:19.359
Well, it's not for people to
run and hide. That was for sure,
21
00:01:19.640 --> 00:01:23.760
Okay, all right, you know
while you're looking at me when you
22
00:01:23.799 --> 00:01:27.920
say that, yeah, you know, it's it's it's that in this society,
23
00:01:29.200 --> 00:01:34.680
we we actually have the cybersecurity fears
that are going on where people are
24
00:01:34.799 --> 00:01:42.000
very afraid of cybersecurity for some odd
reason. And cybersecurity is a shield that
25
00:01:42.319 --> 00:01:49.519
serves to protect our lives, information
and data. So with that said,
26
00:01:49.200 --> 00:01:55.920
Cybersecurity Awareness Month has its pluses,
and you know, the the plus is
27
00:01:55.959 --> 00:02:00.079
to Cybersecurity Awareness Month.
It's so that people can't engage, you
28
00:02:00.120 --> 00:02:06.519
can understand how to use cybersecurity.
This is the time to sit back and
29
00:02:06.599 --> 00:02:12.639
take an evaluation of yourself and your
engagement or if you're on a corporation,
30
00:02:13.439 --> 00:02:17.360
what are some of the things you
need to do to improve your cybersecurity programs?
31
00:02:19.520 --> 00:02:23.840
Also too, taking a deep view
into a security state. Because the
32
00:02:23.960 --> 00:02:31.599
month of October for cybersecurity awareness has
always been focused on users, users, but
33
00:02:31.759 --> 00:02:38.479
now that needs to be a deep
view into the security state of a company,
34
00:02:38.680 --> 00:02:44.479
so that you can take a view
and see are we really practicing cybersecurity
35
00:02:44.520 --> 00:02:51.879
as we should or are we just
getting by changes happen, and corporation have
36
00:02:52.000 --> 00:02:57.960
the adfurcate changes too, because with
cybersecurity is constantly changing, there's all kinds
37
00:02:57.960 --> 00:03:02.520
of different critical issues that are happening. So it's the time to focus.
38
00:03:01.360 --> 00:03:07.120
Yeah, it's definitely. UM,
it's something that should be you know,
39
00:03:07.360 --> 00:03:09.719
you talk a lot, you know, throughout the year, there's different things
40
00:03:09.719 --> 00:03:13.479
to do, but it's like you
know, your New Year's resolutions,
41
00:03:13.479 --> 00:03:15.360
you kind of re evaluate what you
did the last year. In business,
42
00:03:15.520 --> 00:03:20.800
you look at your you know,
quarterly reports and evaluate and decide what actions
43
00:03:20.879 --> 00:03:23.360
need to be um, maintained or
changed. Uh. And speaking of changes,
44
00:03:23.400 --> 00:03:28.879
I was thinking about much like um, you know, when when the
45
00:03:28.919 --> 00:03:31.080
at least in the US, when
we have our time change, it should
46
00:03:31.120 --> 00:03:35.560
it sends a signal to say,
a reminder to change your battery in
47
00:03:35.599 --> 00:03:38.719
your smoke alarm, So much like
cybersecurity. When this, when this rolls
48
00:03:38.759 --> 00:03:40.840
around, it's like, let's take
a step back and re evaluate, you
49
00:03:40.879 --> 00:03:44.800
know, what do we do right
last year in cybersecurity in terms of our
50
00:03:44.879 --> 00:03:47.599
organization, what new things do we
need to tackle right? But that makes
51
00:03:47.639 --> 00:03:52.080
sense, yes, it's yes,
it does make sense. But it requires
52
00:03:52.120 --> 00:03:58.319
the organization to have some actionable data
and to collect metrics and to use those
53
00:03:58.400 --> 00:04:05.879
metrics as a development platform and at
because those metrics are designed so that the
54
00:04:05.960 --> 00:04:12.840
organization can see what the security rectness
stands. And with the security rectness,
55
00:04:13.080 --> 00:04:17.000
it focuses beyond users, but also
looking at your technologies, looking at your
56
00:04:17.079 --> 00:04:24.199
vendors, looking at your business process, looking at how you invest in the
57
00:04:24.279 --> 00:04:31.199
cybersecurity and also too coming up with
a plan for your future state where what
58
00:04:31.319 --> 00:04:35.160
do you want to carry cybersecurity for
that next year. But let's talk about
59
00:04:35.240 --> 00:04:40.680
what are some activities that organizations should
you know. It should occur during October
60
00:04:40.800 --> 00:04:47.839
training training, train and train.
Training can be formal or it can be
61
00:04:47.920 --> 00:04:55.040
informal. Uh formal is let's sit
down in the classroom and talk about cybersecurity.
62
00:04:55.399 --> 00:05:00.879
Or it can be informal where you
start to have larger discussions and part
63
00:05:00.879 --> 00:05:05.600
of old discussions falls into a team
involvement and they look at you different technology
64
00:05:05.639 --> 00:05:12.759
teams and also looking at two different
UM non technology teams and branching those two
65
00:05:13.040 --> 00:05:18.279
together and started and having a conversation
about the previous year and where do you
66
00:05:18.319 --> 00:05:24.240
want to vehicle cybersecurity right next year? Yeah, because a lot of times
67
00:05:24.240 --> 00:05:27.399
we think that just lays on the
shoulder of the of the IT department.
68
00:05:27.439 --> 00:05:32.240
But anybody in your organization that is
connected to the internet right start there.
69
00:05:32.800 --> 00:05:36.120
They need to be involved and they
need UM And you mentioned about learning,
70
00:05:36.199 --> 00:05:40.959
so it's again kind of learning from
what we did and learning about there's
71
00:05:40.959 --> 00:05:45.319
always always always new developments, right. So uh, the operative word there
72
00:05:45.360 --> 00:05:50.800
is awareness, yes, it is
because of the growth mindset continue to develop.
73
00:05:51.600 --> 00:05:55.439
So what are some things people should
be aware of? What would be
74
00:05:55.480 --> 00:06:01.959
on your short list? Uh?
Well, I think that people should be
75
00:06:02.959 --> 00:06:10.519
aware of some of the things that
affect their environment. Okay, okay,
76
00:06:10.680 --> 00:06:15.360
if you look at some of the
environments, UM, you know you want
77
00:06:15.360 --> 00:06:21.720
to look and try to think about
how incidents happen. You want to look
78
00:06:21.800 --> 00:06:29.279
and see whether all your employees are
engaged into cyber security, have that mindset
79
00:06:30.720 --> 00:06:36.079
all right? You also want to
look and see whether there's complacency because complacency
80
00:06:36.279 --> 00:06:43.199
is very important because if an organization
has a group of users that are complacent,
81
00:06:43.279 --> 00:06:48.720
and that's a risks a lot of
problem. Even if you have phishing
82
00:06:48.720 --> 00:06:54.040
attacks and so forth, and people
are complacent, they are serving as a
83
00:06:54.079 --> 00:07:00.839
sweet spot for phishing attacks. To
care. One of the other things things
84
00:07:00.920 --> 00:07:05.240
always like to talk about, it's
that it's that you want to make sure
85
00:07:05.279 --> 00:07:10.120
that you have a continuous engagement,
so that means everybody has to be involved.
86
00:07:10.680 --> 00:07:13.879
You know, you want to be
able to address cybersecurity from the front
87
00:07:13.920 --> 00:07:20.000
line and have a proactive environment because
you don't want to have a have more
88
00:07:20.160 --> 00:07:25.959
of a reacting virus, because reactive
means that we are in the emergency mode
89
00:07:26.279 --> 00:07:30.199
and we're fighting from the rear.
Right. Yeah, I mean it's like
90
00:07:30.240 --> 00:07:32.199
I mentioned at the top of the
show about the New Year's resolution, A
91
00:07:32.199 --> 00:07:34.600
lot of people have fitness in mind, right, So you can't just go
92
00:07:34.680 --> 00:07:39.240
to the gym in January and be
set for the year, right. So
93
00:07:39.399 --> 00:07:42.480
in cybersecurity, you can't just be
like, um, well we checked that
94
00:07:42.519 --> 00:07:46.519
off our list last year. You
know you can't do that, right,
95
00:07:46.759 --> 00:07:50.079
So let's um so when you put
these or when you put these individuals,
96
00:07:50.399 --> 00:07:55.639
your employees and in a room for
training, you mentioned earlier. What are
97
00:07:55.639 --> 00:07:58.800
some of the discussions that you know
should be on the shortlist? Uh,
98
00:07:59.000 --> 00:08:05.920
that are most critical cybersecurity awareness?
Wow? You know, you know the
99
00:08:05.000 --> 00:08:13.879
traditional way has been talked about passwords, social, social engineering, UM,
100
00:08:15.120 --> 00:08:20.199
talk about the type of things that
are used to protect information assets in the
101
00:08:20.319 --> 00:08:24.920
person. I like to take it
to another level. Alright, alright,
102
00:08:24.000 --> 00:08:28.360
let's do it. There you go. You better strap in if you're listening
103
00:08:28.399 --> 00:08:31.200
to this in your car whenever,
hold on taking it to another level,
104
00:08:31.240 --> 00:08:37.039
go on, Dwayne, organization should
do this. Where is your cybersecurity mindset?
105
00:08:37.720 --> 00:08:43.399
Right? Organization can take my book
and pick a chapter out of there
106
00:08:43.879 --> 00:08:46.200
and we're gonna talk about four the
chapter or five chapters that are relevant to
107
00:08:46.240 --> 00:08:50.120
this. But when they put him
in the room, uh, you know,
108
00:08:50.360 --> 00:08:54.600
I have we have a note here
about ransomware is probably top of the
109
00:08:54.639 --> 00:09:00.519
list, right, yes, yes, And you put people in a room,
110
00:08:58.799 --> 00:09:03.080
right and really, really, what
you're trying to do is to have
111
00:09:03.240 --> 00:09:07.799
an open discussion. But you want
to make sure that they understand the purpose
112
00:09:07.919 --> 00:09:13.000
of having a cybersecurity mindset, because
if you put them in a room and
113
00:09:13.080 --> 00:09:20.000
a lot open type of discussion and
if you evaluate your team and trying to
114
00:09:20.080 --> 00:09:22.360
see what they focus, trying to
see what their weakness is at, and
115
00:09:22.360 --> 00:09:26.639
seeing what the overall knowledge is about. Because anybody can go to go to
116
00:09:26.799 --> 00:09:31.879
a computer and sit there and listen
to a video for fifteen minutes and just
117
00:09:31.000 --> 00:09:37.120
keep going through the power point slide. But in a learning environment, you
118
00:09:37.200 --> 00:09:41.679
want to see how well people can
engage into cybersecurity. So when they're learning
119
00:09:41.720 --> 00:09:46.279
how to engage into cybersecurity, this
is where ransomware comes up. Okay,
120
00:09:46.320 --> 00:09:50.440
do they know what ransomware is?
Do they know that when you get these
121
00:09:50.480 --> 00:09:56.759
attachments that that you need to evaluate
those attachments. You cannot just punch the
122
00:09:56.840 --> 00:10:01.159
attachment because the ransomware of major slops. Even so, looking at some of
123
00:10:01.159 --> 00:10:05.759
the other critical things like a critical
infrastructure right right right, you know you
124
00:10:05.759 --> 00:10:11.799
want to have that discussion because if
the country and infrastructure goes down, uh,
125
00:10:11.960 --> 00:10:16.480
you know, you won't have wireless
uh communications. You know, the
126
00:10:16.519 --> 00:10:22.639
water plants are offline and things such
as the utility plants as well too.
127
00:10:22.799 --> 00:10:28.480
You know you don't have power.
See, those things are very and very
128
00:10:28.519 --> 00:10:33.360
and very important as well too.
And looking at your suppliers because as I
129
00:10:33.399 --> 00:10:37.039
said, because those can change throughout
the year. We onboarded some people,
130
00:10:37.279 --> 00:10:39.360
you know, three months ago.
But let's take a step back and see
131
00:10:39.399 --> 00:10:43.960
where they fit in the mix.
When you look at that deep security state,
132
00:10:45.480 --> 00:10:52.080
what you're looking at is your environment
from a three hundred and sixty degrees
133
00:10:52.120 --> 00:10:56.000
of security visibility. Right, you
want to look at all the different intricate
134
00:10:56.000 --> 00:11:03.240
pieces that fall under your organizations and
your suppliers is one because you engage them,
135
00:11:03.279 --> 00:11:07.720
because you have to have that discussion, because if you don't, people
136
00:11:07.759 --> 00:11:13.879
would assume that every supplier is um
it's honest, or their trans transparency,
137
00:11:15.000 --> 00:11:18.720
or you may have changed suppliers um
during the year. And this is a
138
00:11:18.799 --> 00:11:22.600
chance to take a look back and
say, okay, last year we had
139
00:11:22.639 --> 00:11:24.840
these ten suppliers, we replaced three
of them. We need to kind of
140
00:11:24.840 --> 00:11:28.879
take a closer look at those right, right, you know, you take
141
00:11:28.919 --> 00:11:33.639
a look and see what your
weak point, how did how did you
142
00:11:33.679 --> 00:11:37.879
fail with those suppliers, how did
you succeed um um looking at your service
143
00:11:37.960 --> 00:11:41.320
level agreements that you have in place, all right, looking at your operation
144
00:11:41.440 --> 00:11:46.080
level agreements and your privacy level agreements
that you have in place, and seeing
145
00:11:46.120 --> 00:11:52.519
what they affected. Because cyber cyber
awareness, and I'm going to restrict this.
146
00:11:52.480 --> 00:11:58.000
It goes beyond the typical user based
security, making sure you protect your
147
00:11:58.039 --> 00:12:03.240
passwords, making sure you don't share
your passwords. We have to expand
148
00:12:03.320 --> 00:12:07.759
cyber awareness, right. And we've
been talking a lot about companies, organizations
149
00:12:07.799 --> 00:12:11.000
and by the way, Rich casting
over here alongside Dwayne Hart, we're listening
150
00:12:11.000 --> 00:12:16.559
to UM an interview with the man
that wrote the book on cybersecurity and as
151
00:12:16.559 --> 00:12:20.960
well as a podcast. So before
we jump into the next topic of pivoting
152
00:12:20.960 --> 00:12:24.879
from companies to individuals and like parents
and so forth. UM. If this
153
00:12:24.919 --> 00:12:28.919
isn't of interest to you intriguing,
UM, you can reach out to Dwayne.
154
00:12:28.960 --> 00:12:33.080
Just go to Dwayne Hart dot com. You can find his book there,
155
00:12:33.120 --> 00:12:35.679
his podcast links everything you need to
know about cybersecurity just at Dwayne Hart
156
00:12:35.879 --> 00:12:39.360
dot com. Okay, so Dwayne, let's talk about you know, we
157
00:12:39.360 --> 00:12:45.039
can talk about companies. UM uh
I remember you had this aha moment a
158
00:12:45.120 --> 00:12:50.399
number back, I think in season
one about parents and cybersecurity. What was
159
00:12:50.440 --> 00:12:54.279
the phrase you came up with there
and and talk to us about that digital
160
00:12:54.320 --> 00:13:01.080
parents. Yeah, here's why cyber
here's why cyber awareness is so important.
161
00:13:01.519 --> 00:13:07.279
If you're a parent, I want
you to put your coffee down. I
162
00:13:07.320 --> 00:13:13.360
want you to listen to me for
a second. There are potential risk for
163
00:13:13.440 --> 00:13:20.120
the youth on Snapchat and use of
cell phones, use of tablets, PCs,
164
00:13:20.279 --> 00:13:24.919
PlayStation game TikTok's and everything else checked
TikTok and all these accounts. You
165
00:13:26.039 --> 00:13:31.000
have to know who your youth are
communicating with, and you have to become
166
00:13:31.039 --> 00:13:37.440
a digital parent. Digital parenting in
the Cyber Awareness Month and me as the
167
00:13:37.519 --> 00:13:41.639
chief of Cybersecurity, here's kind of
what I want all digital parents to do.
168
00:13:43.480 --> 00:13:48.639
I want you to focus beyond just
cutting the cell phones off at ten
169
00:13:48.720 --> 00:13:52.080
at night, all right, because
that's a large discussion about Yeah, that's
170
00:13:52.120 --> 00:13:54.519
a digital parent. You know you
just cut the cell phones off. No,
171
00:13:56.279 --> 00:13:58.960
you need to be involved with the
PlayStation games. See how they operate,
172
00:14:00.080 --> 00:14:05.159
right, Who are the friends in
that network snapchat in different types of
173
00:14:05.200 --> 00:14:11.200
friends. They may have learn about
parental controls because you have your parental controls
174
00:14:11.240 --> 00:14:16.799
on your smart TVs, especially on
Netflix, all right, but you need
175
00:14:16.840 --> 00:14:22.679
to have parental controls established on your
smartphones, on your laptops, your tablets
176
00:14:22.720 --> 00:14:28.639
because now the youth are probably taking
classes from home. Right, Yes,
177
00:14:28.720 --> 00:14:31.519
some of that's needed right for our
current school system. But you just hit
178
00:14:31.559 --> 00:14:35.639
on something we should do uh later
down the road. Whole episode just on
179
00:14:35.720 --> 00:14:39.960
gaming and cybersecurity and Twitch and that's
a whole you know, um whole another
180
00:14:41.039 --> 00:14:45.720
topic hole. But speaking of you
know, um digital parenting, cyber Monday
181
00:14:45.879 --> 00:14:48.639
rolls around this time of the year
coming up, right, and that's the
182
00:14:48.679 --> 00:14:52.120
holiday shopping and so you have a
lot of employees that are online, you
183
00:14:52.159 --> 00:14:54.399
know, shopping which they probably shouldn't
have, and then there's deals that are
184
00:14:54.559 --> 00:14:58.919
um, you know, it just
goes in kind of warp speed. So
185
00:14:58.320 --> 00:15:03.039
they see these eight you know,
uh fifty off deals and there's it's very
186
00:15:03.159 --> 00:15:07.480
enticing to jump on that without much
awareness of you know, what's going to
187
00:15:07.519 --> 00:15:11.840
be the repercussions of that. And
it is October, so although we shouldn't
188
00:15:11.879 --> 00:15:16.080
be scared about it, it is
Halloween. I don't know if they did
189
00:15:16.120 --> 00:15:20.399
that intentional or right, building cybersecurity
round the scariest month of the year being
190
00:15:20.720 --> 00:15:30.440
Halloween. But I stated before the
purpose of this podcast is to remove the
191
00:15:30.600 --> 00:15:35.360
cybersecurity fear, exactly right, exactly,
but be prepared. I mean, much
192
00:15:35.360 --> 00:15:39.440
like we've had some storms recently,
right, things are going to happen in
193
00:15:39.440 --> 00:15:43.360
life, whether it's online storm so
to speak in terms of cybersecurity, or
194
00:15:43.320 --> 00:15:48.799
a man made or a storm otherwise
right, criminal activity or or nature based
195
00:15:48.840 --> 00:15:52.360
a storm. It's about like when
when the hurricanes coming at you or the
196
00:15:52.360 --> 00:15:56.159
tornado, people board up their windows
and so forth and leave town. But
197
00:15:56.200 --> 00:16:00.519
we don't sometimes we don't connect that
with online. Um, you know issues.
198
00:16:02.639 --> 00:16:07.519
You know, you know why why
did people have a disconnection between online
199
00:16:07.519 --> 00:16:15.919
and regular life. It because when
they think about safety, people are more
200
00:16:15.919 --> 00:16:22.759
focused on the physical form of safety. Digital safety is about cybersecurity, all
201
00:16:22.840 --> 00:16:29.759
right. It is about beyond beyond
passwords. Because with safety, you know,
202
00:16:30.120 --> 00:16:34.279
human beings are focused on what can
they visually see. Cybersecurity you can't
203
00:16:34.360 --> 00:16:38.639
visually see, okay, because it's
digital. So that means you have to
204
00:16:38.639 --> 00:16:44.320
get into the roots of digging down
and search for information and find passwords and
205
00:16:44.320 --> 00:16:48.440
so forth. Now, now,
being a digital parent and the chief of
206
00:16:48.480 --> 00:16:52.919
cybersecurity is going to give you some
orders for this month. Now I'm gonna
207
00:16:52.919 --> 00:16:56.879
go and put on my military uniform. Okay, all right, in digital
208
00:16:56.960 --> 00:17:03.200
parents out there, please go do
your homework. Please go listen to the
209
00:17:03.279 --> 00:17:08.039
previous podcast that I have presented because
as a digital parent, it is very
210
00:17:08.079 --> 00:17:12.799
important that you understand cybersecurity. Absolutely. Speaking of previous content, we're gonna
211
00:17:12.799 --> 00:17:17.480
talk now about um uh, some
chapters in your book very pertinent to this.
212
00:17:17.640 --> 00:17:21.079
But you mentioned passwords a number of
times throughout the podcast so far,
213
00:17:21.319 --> 00:17:23.480
and I made a note here just
you know that came to my mind,
214
00:17:23.839 --> 00:17:29.839
is what's the three most important things
in real estate? Is what location?
215
00:17:30.160 --> 00:17:34.079
Location, location? In cybersecurity,
it should be password, password, password,
216
00:17:34.680 --> 00:17:38.319
right, because that's correct me if
I'm wrong, But that's in many
217
00:17:38.359 --> 00:17:42.359
cases the entry point, right,
If they don't have your password, they're
218
00:17:42.400 --> 00:17:47.400
not going to be able to gain
access to your data in many cases.
219
00:17:47.759 --> 00:17:51.559
Yes, right, So password,
password, password, pass? What pass?
220
00:17:51.599 --> 00:17:56.160
What password? Because you're trying to
make sure that the bubble stays protected,
221
00:17:56.359 --> 00:18:02.640
because because the people that try to
unlawfully gain access, they wanted
222
00:18:02.680 --> 00:18:07.200
to penetrate that bubble, and around
that bubble is cybersecurity in the shield,
223
00:18:07.640 --> 00:18:11.279
and you have to protect that information. So what they're trying to do is
224
00:18:11.279 --> 00:18:18.960
to defeat everything that you are supposed
to be doined rhet row right, Yeah,
225
00:18:19.000 --> 00:18:22.200
I mean much like the financial industry. Um, your ATM
226
00:18:22.240 --> 00:18:26.279
card is all based on your PIN. If they don't have access to your
227
00:18:26.319 --> 00:18:29.279
PIN, it's kind of useless to
plug in the machine if you don't have
228
00:18:29.279 --> 00:18:32.319
that password that pin. Okay,
so let's let's move on before we run
229
00:18:32.359 --> 00:18:36.240
out of time here. So um, speaking of Cybersecurity Awareness Month, uh,
230
00:18:36.279 --> 00:18:40.160
aligning with your book, there is
physically five chapters that are addressed this.
231
00:18:40.240 --> 00:18:42.160
So let's let's kind of do rapid
fire. So first comes up chapter
232
00:18:42.279 --> 00:18:45.799
four. Talk to us about the
connection with chapter four and Cybersecurity Awareness
233
00:18:45.799 --> 00:18:51.480
Month. Chapter four is
about everything I have already discussed alright.
234
00:18:52.240 --> 00:18:56.400
Sixteen, let's go to chapter sixteen. Then the value proposition. Value value
235
00:18:56.400 --> 00:19:04.359
proposition means that that what type of
service can can you provide to your company?
236
00:19:04.400 --> 00:19:10.039
Because if your cybersecurity focus, then
it makes it easy for your company
237
00:19:10.079 --> 00:19:15.759
and they can save money from these
attacks. Okay. Chapter seventeen Digital monetization,
238
00:19:15.440 --> 00:19:22.319
Technology changes. Technology is changing so
much every day, and organization have
239
00:19:22.480 --> 00:19:30.279
to invest into technology. And part
of your cyber cyber awareness is to understand
240
00:19:30.039 --> 00:19:34.640
your security state. Because open the
past year, if you kept metrics and
241
00:19:34.759 --> 00:19:41.160
trends and and data, you know
that you need to modernize your environment and
242
00:19:41.240 --> 00:19:47.799
part of that monetization comes from your
cybersecurity awareness programs that you have in place.
243
00:19:48.480 --> 00:19:52.519
Okay, Chapter eighteen workforce modernization,
it's about training. Yeah, kind
244
00:19:52.559 --> 00:19:56.000
of what we talked about the top
of the podcast. Yes. Training.
245
00:19:56.519 --> 00:19:59.720
So it can't just be like I
get your I T. Department or the
246
00:19:59.759 --> 00:20:03.400
own of the company or somebody at
the sea level suite, right, it
247
00:20:03.440 --> 00:20:08.799
has to be that hackers mindset or
hackers had throughout the entire organization. Speaking
248
00:20:08.839 --> 00:20:15.359
of that's my popular or chapter is
after nineteen is hackers had. It's simple,
249
00:20:15.880 --> 00:20:21.319
Okay, you if you want to
raise your awareness, you as the
250
00:20:21.400 --> 00:20:26.279
person has to be thinking like a
hacker does. Okay. Part of that
251
00:20:26.440 --> 00:20:33.359
whole entire picture is to make sure
that your cyber security mindset is constantly operating,
252
00:20:33.920 --> 00:20:41.319
constantly moving because you have that cyber
focus attitude. This is rever This
253
00:20:41.559 --> 00:20:51.440
is simple talk. Cyber focus attitude
equals strong cyber awareness program right. And
254
00:20:51.599 --> 00:20:56.680
in order to get all of that, think about your mindset that needs to
255
00:20:56.680 --> 00:20:59.759
be in place. All right,
And and I'll say that over and over
256
00:21:00.039 --> 00:21:06.920
and at the chief of cybersecurity is
cyber awareness. Want I'm charging everybody to study
257
00:21:06.960 --> 00:21:11.680
all the digital parents, please go
out there and do your homework and start
258
00:21:11.720 --> 00:21:15.720
to protect the youth. Okay,
and kind of you know, recap,
259
00:21:15.759 --> 00:21:19.160
but we have some new topics here
too. Um. We'll have a list
260
00:21:19.160 --> 00:21:22.759
of four call to actions, right, So I think the first one is
261
00:21:22.759 --> 00:21:27.119
is awesome um that I don't know
if you have this phrase where this comes
262
00:21:27.119 --> 00:21:32.960
from, but the concept of before
you think before you click, right,
263
00:21:33.400 --> 00:21:37.799
So, I think that's a great
um you know area. It's much like
264
00:21:37.799 --> 00:21:41.039
you know before you when you start
the car. Right. We've all been
265
00:21:41.039 --> 00:21:45.759
through driving education school, right,
so, um, they teach you a
266
00:21:45.839 --> 00:21:49.279
list of getting the car, check
your mirrors, adjust your mirrors
267
00:21:49.319 --> 00:21:52.279
and so forth, you know,
put it in in park, start the
268
00:21:52.359 --> 00:21:57.640
car, and that's an entire checklist. So before we click you know online,
269
00:21:59.519 --> 00:22:02.160
you know, uh, we gotta
think about a checklist. What do
270
00:22:02.200 --> 00:22:04.559
we do? What's the protocol?
But much like the car analogy, we
271
00:22:04.599 --> 00:22:07.640
now kind of do that on autopilot, right. We don't have to overthink
272
00:22:07.680 --> 00:22:11.519
it, but it has to be
trained from the focus. I like that
273
00:22:11.599 --> 00:22:15.400
first one before you click. Any
other thoughts on that one? Rich you
274
00:22:15.480 --> 00:22:21.880
are wearing your hackers today, I'm
I'm going to still stayed over here man,
275
00:22:22.000 --> 00:22:26.400
and uh say you're doing it.
Yeah, I like that. Well,
276
00:22:26.400 --> 00:22:30.400
I've learned from the best. So
number two of this four checklist here
277
00:22:30.599 --> 00:22:34.839
would be talked about updating your software. Very important. Updating your software.
278
00:22:34.960 --> 00:22:41.559
This is part of knowing that software
gets old and they have vulnerabilities on your
279
00:22:41.640 --> 00:22:49.000
systems. Stay active on updating software. It's just straightforward. This is one
280
00:22:49.039 --> 00:22:53.079
of the ways where my hackers tried
to penetrate the bubble. If you have
281
00:22:53.119 --> 00:22:57.839
outdated software on your systems as well, be smart about that. It doesn't
282
00:22:57.880 --> 00:23:03.960
take but a couple of seconds to
say yes, and your Windows eleven desktop
283
00:23:04.039 --> 00:23:10.440
machine will execute on its own.
All you have to do is is to
284
00:23:10.519 --> 00:23:15.799
authorize the update. Okay, and
uh, we've Number three. We talked
285
00:23:15.799 --> 00:23:18.000
a lot about passwords, but talk
to us about, um, you know,
286
00:23:18.920 --> 00:23:23.359
creating a what's that ideal password?
What are some elements that um kind
287
00:23:23.359 --> 00:23:27.319
of rule of thumb of creating a
password that is less likely to be hacked?
288
00:23:27.319 --> 00:23:32.000
What are some guidelines of you know, when you create a password?
289
00:23:32.720 --> 00:23:41.519
Okay, a combination of letters characters
is a strong password. I would say
290
00:23:41.559 --> 00:23:45.400
that if someone wants to create a
sixteen character seventeen character password, it's probably
291
00:23:45.440 --> 00:23:56.000
safer for a four character password,
it's not says right right? Um maybe
292
00:23:56.160 --> 00:24:02.079
so, um it sounds perfect easy
to remember. It's yeah, it's easy
293
00:24:02.119 --> 00:24:04.839
to remember the sims. Some of
the recent phenomenon. When I'm creating new
294
00:24:04.880 --> 00:24:11.799
accounts for new widgets online or services, I'll use one of my standard passwords.
295
00:24:11.839 --> 00:24:15.559
I'm not going to share right now, but but they'll say this is
296
00:24:15.599 --> 00:24:18.599
too common of a password, even
if I've never used on their platform before,
297
00:24:19.039 --> 00:24:22.880
they say that it's too common.
Right. Another rule of thumb is,
298
00:24:22.759 --> 00:24:26.319
um, if I guess a good
website would give you the instructions of
299
00:24:26.279 --> 00:24:30.279
don't use a password that's also contained
like can you use her name or your
300
00:24:30.319 --> 00:24:34.599
email? Right? Right? I
mean it seems maybe common to you,
301
00:24:34.640 --> 00:24:38.119
but it share those words of wisdom
with our listeners. There goes to science
302
00:24:38.119 --> 00:24:45.480
behind a password. You're a common
special character numbers and symbols. A password
303
00:24:45.480 --> 00:24:49.519
system, well, most of your
online system will will go and tell you
304
00:24:49.559 --> 00:24:53.599
that this has to be a minimum
eight, twelve, fourteen or sixteen characters.
305
00:24:53.759 --> 00:24:59.359
Right, So when it tells you
the minimum, this is exactly what
306
00:24:59.400 --> 00:25:02.640
you need to follow. If it's
a minimum of twelve. Well, you
307
00:25:02.680 --> 00:25:07.200
can have sixteen characters, you can
have seventeen characters. I do not recommend
308
00:25:07.319 --> 00:25:14.680
using a password generator online because nobody
else is used. If you do,
309
00:25:15.039 --> 00:25:18.359
a person that cannot remember a password,
you write down on the sheet of
310
00:25:18.400 --> 00:25:21.519
paper, hot it and lock it
somewhere and you lock it up. Okay,
311
00:25:21.680 --> 00:25:23.799
all right, if you if you
lock it up in your closet,
312
00:25:25.359 --> 00:25:30.839
in a shoebox, nobody can use
the Internet to go get that password because
313
00:25:30.880 --> 00:25:36.079
it's not on a system anywhere.
So you have to have that kind of
314
00:25:36.119 --> 00:25:40.319
mindset in place. One of the
other things, too, is to just
315
00:25:40.640 --> 00:25:44.680
change your password on a random basis, maybe like every ninety days or so.
316
00:25:45.920 --> 00:25:48.200
Almost said, like a lot of
things I do like that is I'll
317
00:25:48.200 --> 00:25:52.319
set a Google reminder on my Google
calendar. Just comes up. It's time
318
00:25:52.359 --> 00:25:55.480
to again, go back to changing
your your batteries in your smoke alarm.
319
00:25:55.839 --> 00:25:59.839
Right, those aren't gonna last indefinitely, right, and if they're not updated
320
00:26:00.119 --> 00:26:03.400
like your software, your smoke alarm
is not gonna work when the fire kicks
321
00:26:03.400 --> 00:26:06.319
in. Right, So last last
item on our four lists, and see
322
00:26:06.359 --> 00:26:08.640
if you have any other closing thoughts. But um, talk to us about
323
00:26:08.799 --> 00:26:19.359
MFA. Oh, it's
like a little scary here we go.
324
00:26:19.920 --> 00:26:25.799
Let me just make it simple,
okay, please, okay, use the
325
00:26:25.920 --> 00:26:30.640
name and password and something else like
a token, right that you got?
326
00:26:30.799 --> 00:26:36.839
What do you mean by a token? Token is a device that has a
327
00:26:36.839 --> 00:26:41.599
a certain digits a number on there. Okay, And and you know,
328
00:26:41.720 --> 00:26:45.680
most of the organization will go have
you to put in a user name and
329
00:26:45.720 --> 00:26:48.960
password, but then after that you
got to put a token in right that
330
00:26:49.039 --> 00:26:53.160
they supply to your email address.
Another layer of security, which as a
331
00:26:53.279 --> 00:26:56.079
user is a little bit of a
pain or a hassle, but it probably
332
00:26:56.079 --> 00:27:00.920
makes you feel more secure, right, Yeah, you know, some small
333
00:27:00.960 --> 00:27:04.119
inconvenience for the big picture price.
Yes, when you put your username and
334
00:27:04.119 --> 00:27:08.200
password, and then after that you
get an email code and put the code
335
00:27:08.240 --> 00:27:11.440
in. Yeah. Yeah, you
can have used a hard token as well
336
00:27:11.519 --> 00:27:15.480
too, which is by companies like
RSA, which is which actually
337
00:27:15.559 --> 00:27:19.920
have those codes on a little piece
of device that could change this rapidly for
338
00:27:21.000 --> 00:27:26.160
you as well too. Uh.
Most of the large organization will go have
339
00:27:26.480 --> 00:27:30.319
MFA, and most of
the websites, banks in everywhere else is
340
00:27:30.319 --> 00:27:33.319
pretty much following the same, the
same stand up. Now you just kind
341
00:27:33.359 --> 00:27:40.680
of make sure that you enable that. But proactively make sure that you enable
342
00:27:40.799 --> 00:27:42.799
this. All my digital parents out
there, listen to me. It's the
343
00:27:42.880 --> 00:27:48.960
chief of cybersecurity. Make sure that
you enable this. And I'm gonna keep
344
00:27:49.160 --> 00:27:53.519
talking about digital parenting because it's such
a critical issue. Do you not know
345
00:27:53.720 --> 00:27:59.880
that? When when I went on
LinkedIn and I posted my live show
346
00:28:00.160 --> 00:28:04.680
for digital parenting, I had someone
that was involved with one of the federal
347
00:28:04.759 --> 00:28:10.359
agencies that was going to study on
this okay and told me that this was
348
00:28:10.400 --> 00:28:14.759
way over written here because he was
working on his doctorate program and said that
349
00:28:14.839 --> 00:28:18.480
it was a great topic to go
have. He said he's been arguing about
350
00:28:18.519 --> 00:28:23.599
this for like years, and um, maybe later on in the podcast session,
351
00:28:23.640 --> 00:28:27.680
I should find out who we who
this person is and see if I can
352
00:28:27.680 --> 00:28:32.839
get him on the live stream because
this would be very important digital parent um.
353
00:28:32.960 --> 00:28:34.720
Yeah, and maybe during the holidays
would be great too, because people
354
00:28:34.759 --> 00:28:37.759
sometimes let down their guard when they're
out shopping or they're you know, over
355
00:28:37.839 --> 00:28:42.640
extended, um and they're traveling with
family and friends and so forth. But
356
00:28:42.720 --> 00:28:48.200
yeah, I think the digital parent
is a very um important topic. To
357
00:28:48.279 --> 00:28:51.640
do a little deeper dive in another
episode. Right, but what's interesting about
358
00:28:51.680 --> 00:28:56.160
again the Halloween analogy being October and
cybersecurity month is when you send your kids
359
00:28:56.160 --> 00:29:00.559
out trick or treating, it's not
like, um, everything and goes right.
360
00:29:00.599 --> 00:29:03.440
You want them to have fun,
just like, but you want to
361
00:29:03.839 --> 00:29:07.240
you know, keep your guard on, uh you know what's happening when they're
362
00:29:07.240 --> 00:29:10.319
out trick or treating, and keep
them safe because they're in costumes and you
363
00:29:10.319 --> 00:29:12.480
know you don't want them wandering out
in the street and getting you know even
364
00:29:12.519 --> 00:29:18.000
just you know, tripping and um, getting a bump on their knee or
365
00:29:18.000 --> 00:29:22.359
whatever. Right, something's small to
too major and back to like the online
366
00:29:22.400 --> 00:29:26.359
there's there's amazing things kids can kids
can learn from education. It opens up
367
00:29:26.400 --> 00:29:33.680
a world of opportunity and education right
around the world and in the past that
368
00:29:33.720 --> 00:29:37.160
wasn't available to them. Right,
But just got to be uh mindful,
369
00:29:37.319 --> 00:29:41.640
mindful exactly what is what is perfectly
going on? You know, you just
370
00:29:41.680 --> 00:29:48.519
have to stay engaged, you stay
active, um and and stay tuned to
371
00:29:48.599 --> 00:29:55.000
this episode, stay to this episode
here and just realize that cybersecurity, it's a
372
00:29:55.079 --> 00:30:02.599
change in environment. Activate your cybersecurity
mindset, uh and be smart what you
373
00:30:02.720 --> 00:30:07.000
do all digital parents in the chief
of cybersecurity is holding you responsible. I
374
00:30:07.039 --> 00:30:11.599
am gonna keep on and you know
who you are exactly. Yeah, we're
375
00:30:11.599 --> 00:30:15.640
not mentioning any names, but yeah, okay, Dwayne, was a pleasure
376
00:30:15.680 --> 00:30:18.119
having you back in the studio and
we actually actually have at least one more
377
00:30:18.119 --> 00:30:22.559
episode coming up this month October and
Cybersecurity Awareness Month. But this was a
378
00:30:22.599 --> 00:30:27.240
great UM springboard to launch off the
month and the celebration of this and awareness,
379
00:30:27.559 --> 00:30:32.960
So UM again. Visit Dwayne Hart
dot com for all Things for You
380
00:30:32.960 --> 00:30:37.359
can purchase his book from there,
listen to previous podcast episodes linked to his
381
00:30:37.440 --> 00:30:40.720
YouTube for his live stream, UM
even some you know Q and A.
382
00:30:40.759 --> 00:30:42.400
If you have some questions, you
can reach out to UM the man of
383
00:30:42.400 --> 00:30:47.160
the hour, Dwayne Hart. So
we'll see you next time on this episode
384
00:30:47.319 --> 00:31:00.319
and on the internet. Be Safe. Two