Tag: cyber security

Public-Private Partnership on Cyber Security Policy – Ping Podcast – Episode 53

Episode 53: Public-Private Partnership on Cyber Security Policy

We projected some cyber security policy directions under President Biden at the beginning of 2021. But with all that’s happened since, it’s time to take stock of where things are now. For that, we welcome NextGov’s Mariam Baksh to take us through recent cybersecurity initiatives from the White House and Congress. Mariam outlines the use of public-private partnership to improve security, and whether some recent announcements constitute real progress or just talk. She also discusses the revisiting of the NIST framework, how the cyber insurance industry is involved, and recommendations from the Cyberspace Solarium Commission.

Read Mariam’s work at NextGov.

In headlines, we update the T-Mobile data breach story. And then, we discuss Apple’s relationship to privacy and how money plays a role. Finally, we learn about the latest ransomware cell to call it quits and why this keeps happening.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, Podchaser, YouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released.

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Helping Cyber Insurance Help Cyber Security – Ping Podcast – Episode 49

Episode 49: Helping Cyber Insurance Help Cyber Security

Cyber insurance is meant to protect businesses from cyber attacks. But does it help or hurt cyber security as it stands now? Cyber Research Analyst Jamie MacColl with the UK’s Royal United Services Institute (RUSI) gives us a primer on cyber insurance. He takes us through the state of the industry, its relationship to ransomware in particular, and what can be done to make cyber insurance better.

Read Jamie’s research paper on the subject, titled Cyber Insurance and the Cyber Security Challenge.

In headlines, we hear about a massive ransomware attack affecting hundreds of businesses worldwide. Then, we discuss a series of Android apps that stole Facebook logins from users. And finally, we dive into the hashtag #infosecbikini and why it trended on Twitter last week.

Psychology & Cyber Crisis Response – Ping Podcast – Episode 39

Episode 39: Psychology & Cyber Crisis Response

Training employees in cybersecurity is a must for a protected organization. But gone are the days when a yearly table-top exercise will keep you covered. Rebecca McKeown, an independent Chartered Psychologist and special advisor to Immersive Labs, joins us on this episode to shed light on micro-drilling, and how best to train for crisis response. After all, cyber attacks are certainly crises. She discusses why this approach of cognitive readiness is effective for a wide range of reasons, and how organizations can implement the technique. We also talk about how remote work makes this even more effective, and how working from home can affect employees in general.

In headlines, hear about the top 25 brands used in phishing attacks. And then, learn about who the most likely targets of malicious emails are – watch out Australia. Finally, we discuss military and nuclear facilities being hit with malware in Kashmir & Pakistan.

The Gender Gap – Ping Podcast – Episode 23

Episode 23: The Gender Gap

A great gender gap exists in cybersecurity careers, with a severe shortage of women in jobs at every level. On Episode 23 of Ping: A Firewalls.com Podcast, our guest, Dr. Nir Kshetri, Professor at UNC-Greensboro and fellow with Kobe University, helps us examine exactly how much of a disparity there is. In addition, we talk about why the gender gap exists, why it makes networks less secure, and both what is being done and what we still need to do to correct the problem.

Read Dr. Kshetri’s article: “The lack of women in cybersecurity puts us all at greater risk.”

Then, in our cyber headlines segment, we talk about a prison sentence for a botnet creator in our first story. Next, we go over how it feels to be victimized by cyber crime. After that, we discuss the new normal in cybersecurity due to the coronavirus and its aftermath.

A Cybersecurity Christmas Carol – Ping Podcast Episode 9

Episode 9: A Cybersecurity Christmas Carol

To celebrate the holiday season, Ping: A Firewalls.com Podcast presents its first ever podcast play – a sure-to-be new classic that weaves a cautionary cybersecurity Christmas tale centered around a penny-pinching small business owner on Christmas Eve. Kevin and Andrew flex their voice-acting chops as they bring this not-at-all familiar story to life, featuring special appearances by frequent podcast topics like phishing emails, ransomware, threat intelligence, and more.

The Christmas spirit is also strong with our Network Engineer Nick Petriko, who has been checking his network security Naughty & Nice list in our Engineer’s Minute. There’s still time to get on the Nice list! Check out all of the expert security services our certified engineers offer.

In our Headlines, we discuss a major U.S. city dealing with ransomware, a twisty story about cryptocurrency that may involve a faked death, and yet another IoT device with security vulnerabilities – though these were thankfully patched.

POS Breach: How firewalls & PCI compliance keep your customers safe

POS, or Point of Sale, breaches are the bogeyman on the mind of every consumer who swipes a card at the check-out counter. With famous examples such as the Target breach of 2013, in which 2000 retail stores lost sensitive financial data for their customers, it is no wonder that cyber thievery through transaction systems is a legitimate concern. To understand why this type of attack is a real threat, it’s important to first understand how and why it keeps happening.

The Objective:

In almost every case of a POS breach, the attacker’s goal is to make off with the sixteen digits printed on the front of your credit card. Credit card data goes for big bucks on the cyber black market, so stealing credit card credentials will always be a worthwhile endeavor for cyber criminals. For the last several years, credit and debit transactions have taken the number one spot as the most common form of payment in the United States. With a majority of transactions taking place through plastic, the Point of Sale device has a big target on its chassis.

The Marks:

Cyber criminals aren’t exactly picky about whose data they steal. Instead, their game is focused on quantity. When it comes to a POS breach, attackers look for only a few factors to designate a quality target: ease of the breach, number of potential victims, and business functions reliant on Point of Sale systems. Certain types of industries are on the chopping block. Usually, those industries include restaurants, hotels, grocery stores, gas stations, and department stores. Perimeter security in these kinds of businesses is often lax, and a high volume of credit card transactions means that attackers have a better chance of snagging something.

The Method:

Most POS systems run on Windows. This means that POS systems are susceptible to the same vulnerabilities as any Windows-based computer. Upon swipe, a POS stores credit card data, decrypts that data in order to process the transaction, then stores the transaction data to later be rolled up to corporate for audit. In a POS breach, cyber criminals focus on inserting themselves between the decryption step and the transaction archives.

You may be wondering how malware is delivered to a POS system. Are criminals swiping malware-laced credit cards at the register? Or hacking into the wires out back? No. Unfortunately, the same means and methodology of the everyday hacker work just fine for a POS breach: phishing emails, weak passwords, and cyber security oversights.

In most cases, attackers gain access by targeting the computers connected to the POS machine. Employees use these machines not only for transactions, but also to check email, run other Web-facing applications, or just surf the web when the boss isn’t looking.

Social engineering and a lack of basic security culture can easily turn a computer used as a cash register 95% of the time into a fruitful honeypot for hackers.

The Cure:

PCI Compliance is a 12-step checklist to ensure that your business is safely handling payment cards. Nearly half of the dozen requirements can be accomplished by use of a properly configured and up-to-date firewall device. If your firmware is kept current and your appliance has been configured in a way that leaves no vulnerabilities or blind spots in the network, you should be golden. Further, regularly discussing cyber security and email safety with employees should be a no-brainer.

Small Business Firewalls: Choosing the right firewall for your needs

Small business firewalls come in a variety of brands, sizes, and options. The firewall is the heart of your cyber security infrastructure, so choosing the right appliance to fit your small business will be a task requiring both insight and foresight. Below, you will find a handful of things that we believe all owners should consider before investing in small business firewalls.

Software vs Hardware

There exist two distinct types of firewalls: software and hardware. While virtual software-based firewalls are great at protecting individual users, they become costly and over-complicated when several users are trying to operate on one network. In this case, a hardware solution is better suited to the job. A single firewall appliance extends protection to all users on a network.

If your organization consists of just a few users, software firewalls could be a workable option. However, if your organization is made up of more than 3 or 4 users, a hardware appliance is an obvious improvement over its software counterparts.

Ease of Use

If you’re running a small business, chances are your payroll may not comfortably accommodate a full-time system administrator role. With other job roles and departments vying for bigger budgets and more attention, an info sec department that requires minimal upkeep is a godsend. Therefore, ease-of-use should play a key role in your decision when purchasing a firewall.

Firewall manufacturers are racing to accommodate the needs of small business owners who can’t dedicate entire workdays to studying the nuances of cyber security. They do this by providing intuitive user interfaces, visualized reporting, and straightforward alert systems.

Scalable

The ultimate goal of the small business is to grow. Success means more employees. Success means more complicated procedures and systems. Success means bigger networks, more data, and more numerous attack surfaces. WatchGuard’s Extensible Threat Management (XTM) is touted under the motto “future proof” because it was designed specifically to scale to changing needs.

Firewalls.com recommends hardware that is advertised to accommodate twice the number of users that currently inhabit your network. Not only does the extra strength ensure you’ll never run into performance issues, but it leaves you some breathing room for when your organization grows.

Versatility

Along similar lines to scalability, small business owners should consider how susceptible a firewall is to change. Small businesses have the unique ability to test several different programs and applications before deciding which ones best fit their goals. The software and web applications that you’re working with today may not be the same applications that your business utilizes next year.

If small business firewalls are going to survive the long haul, consider how the firewall interacts with your other hardware and software. Small businesses should never find themselves in a situation where their decision-making options depend on whether their firewall can accommodate the changes or not. Look for appliances that are versatile, adaptable, and can play well with others.

The Sophos Intercept X endpoint protection was built to run alongside any other Anti-Virus clients in use.

Configuration

Bad news. Your buyer’s journey is not over when you click “Confirm Order.” Save that sigh of relief until your firewall has been unboxed, configured, and deployed.

Properly securing your network requires that the settings of your firewall appliance reflect the needs, strengths, weaknesses, and blind spots in your network. Just as every small business operates in its own unique way, its firewall should be customized to fit those needs.

Firewalls.com recommends that small business owners take advantage of our Configuration Service, built on a proprietary 100-step configuration methodology that ensures your firewall is tailor-made to suit your network.

Managed Service

As mentioned earlier, small businesses may not always have a large budget set aside for hiring an in-house sys admin. Luckily, there is no shortage of third parties available to do the legwork for you. Firewalls.com offers both Managed Services and Firewall-as-a-Service bundles. The gist of it: you plug your small business firewalls in and we handle it from there. If there’s a problem with your network, we alert you and fix it. Then, you go back to your workday. Next time someone asks you about your business’s network security, you can scoff and brag, “Oh, I have people for that.”

Learn About Firewalls: Firewalls.com YouTube Channel offers network security how-tos, tutorials, & troubleshooting

Learning about firewalls and network security is no easy chore. While a wealth of knowledge exists across the web, few domains can translate complex network security concepts into easily-digested lessons for beginners. Likewise, troubleshooting firewall issues often leads to old, obsolete forum responses and dead ends. You’re in luck.

The Firewalls.com YouTube library is continuously growing and packed to the brim with how-to’s, tutorials, troubleshooting guides, and more. Like a treasure trove full of SonicWall and Sophos solutions, Firewalls.com customers and visitors alike are sure to find the answers to their questions.

Who makes the videos?

We do! Right here in the office. Our video series is produced, edited, and narrated by our rockstar team of engineers and architects. If you’re the type of person that wants the answer straight from the horse’s mouth, then this is the channel for you. Our video makers are certified SonicWall and Sophos engineers with over a decade of combined experience in real world network security management. Learn about firewalls from the guys that spend every day up to their eyeballs in network security! Our two narrators, Alan and Matt, are ready to show you the ropes.

Who decides what video topics to cover?

You do! We generate topics for our videos based on the top search terms in YouTube, Google, and the Firewalls.com website. We know the Internet has important questions and we want to answer them. If there’s a certain topic you want us to cover, let us know in YouTube comment sections or on social media.

Why the Firewalls.com channel?

We want you to learn about cyber security, so we’re not going to waste your time. We’re no pack of newbs that spend the first two minutes of every video introducing ourselves, begging for likes, and talking about our BFF’s new music project. Get in, get answers, and get back to being productive.

What’s in it for me?

Information, readily available and easy to follow. Our videos are made by screen capturing our network techs using the same reporting and monitoring programs that our customers use, in real time. There’s no magic wand waving behind slick edits or cuts.

Running dual monitors? Set one screen to our YouTube and the other screen to your work space and you can fix network security snafus side-by-side, at your pace.

How can I learn more?

Subscribe to our YouTube channel and you’ll be notified the moment we publish new how-tos. If you’re following us on Facebook, LinkedIn, or Twitter, we’re always sure to post new videos on social media as well.

Check out some of our most recent Sophos & SonicWall issues solved:

Use your Sophos XG Firewall as a DNS Request Server

Use SonicWall’s NetExtender to setup an SSL VPN

Firewalls.com Network Security Glossary

Network security can prove deep waters to wade into. As the scope of technology grows, so too does the pool of jargon and initialisms that find their way into our vocabulary. When your network administrator starts muttering about SSL and WANs, it’s tempting to just nod and hope he leaves soon, but maybe it’s time that some of us not-so-tech-savvy folk got a few info sec terms under our belt. With this new infographic from Firewalls.com, you can learn the java-fueled jive talk of the IT clan. Go tell your sys admin how you feel about the form factor of the new Galaxy S8 and watch the mixture of confusion, surprise, and marvel light up their face. Finally, you can interpret the estranged tongue of cyber security.

 

Feeling like a cyber security expert? There’s always more to learn. Stay up to date with the latest news by following us on Twitter and Facebook!
