COMMUNITY PARTNER (November) - ScaleMatrix

Cutting Edge Technology and Team - Community Partner, ScaleMatrix

If being associated with the best-of-the-best is as important to you as your cloud storage, colocation, help with managed services, network connectivity and that all important storage and data protection, then you need not look further than ScaleMatrix. They are our partner too, providing services for the SoCal Cyber Cup Challenge so you can know the students are being exposed to and experiencing the best-of-the-best that San Diego has to offer. Thanks, ScaleMatrix! We thank you for being on our team!

Learn more at: www.scalematrix.com

Is East Korean Really Your Biggest Threat?

By Dave Tuckman from Golden State Web Solutions, Inc. (www.GSWS.com / dave@GSWS.com) Nov 2017   

We did a Cybersecurity presentation at the Microsoft Store in Fashion Valley on November 3rd, 2017 and called it ‘Don’t Let The Grinch Cybersteal Your Holidays’ (here’s the recap). These are always enjoyable, it’s great to see all the attendees so interested, engaged and having such a desire to learn. Ironically my biggest takeaway from this event, took place before it even began.

Earlier that morning, I was out/about picking up last minute supplies for the event. When I was at one location purchasing the food, the cashier noticed my GSWS/Cybersecurity shirt and commented on the Cybersecurity tagline. Paraphrasing, the conversation something like this:

  Cashier:  Good morning! Were you able to find everything you are looking for?                Dave:   I hope so. Thanks for asking                                                                                      Cashier:  Cybersecurity? I bet that gives you some good job security…                              Dave:  (smiles), It definitely keeps us busy. There’s definitely a need, actually                          everything here is for a presentation we have today.                                       Cashier:  Yeah, you need to be real careful with those Vietnamese. Their leaders                           are crazy, and he’s behind all of this.                                                                           Dave:  (smiles), actually, if I can share some of my intel with you, it’s actually                         the East Koreans you really want to keep your eyes on.                                     Cashier:  Man, you do know your stuff. I was reading about them the other day.              Dave:  (still using the previous smile) Thanks, yes there’s going to be                                         something new every day. Best thing you can do is continue to keep                             your eyes open, and ask questions. Here’s my card – reach out if you                       ever have some questions. Happy to help.

From there we wrapped up and I went on my way. The conversation itself may sound a bit silly, but underneath, there was a pretty serious message that made me pause. Employees and co-workers are the life blood of an organization (and a hacker’s primary target). If they don’t know what’s going on, what do we think is going to happen?

Here we have a good/intelligent person, who enjoys where they work and is perfectly capable of their responsibilities - but at the same time had no clue what the real risks are.

So who really is our biggest threat?
It’s not Vietnam, East Korea, or the employee - It is the organization itself.

How much more secure would this organization be, if they simply implemented security awareness training to their staff?

I walked into our presentation wondering how many attendees might have a similar perspective. That influenced what (and how) the presentation ultimately got communicated, and I think, overall, it helped make the event that much better an experience for everyone.     

Questions/Comments? You can reach Dave directly at (619-905-4468) or email dave@GSWS.com.

Girls Inc. awarded $20,000, ESET Nonprofit Pitch Fest

Girls Inc. of San Diego County wins $20,000, national “ESET Nonprofit Pitch Fest” competition

Girls Inc. of San Diego County wins ESET Nonprofit Pitch Fest, a national contest celebrating ESET’s 30-year anniversary, helping aid in the next 30 years of community innovation

 SAN DIEGO – October 24, 2017 – Girls Inc. of San Diego County, a nonprofit organization that inspires girls to be strong, smart and bold through workshops and technical-skill education, was named the Grand Prize Winner of the ESET Nonprofit Pitch Fest and received the top cash award of $20,000.

 Girls Inc. will be using the funds to support outreach programs in San Diego that inspire girls to pursue professions in science, technology, engineering and math (STEM) and give them opportunities to learn technical skills like coding that can lead to a job in cybersecurity and related fields.

The contest was part of IT security firm ESET’s 30-year anniversary celebration, which awarded $30,000 to nonprofits seeking funds to improve their community through technology and education.

Girls Inc. received the $20,000 Grand Prize, and five finalists across the country were each awarded $2,000, including Oasis San Diego, Big Brothers Big Sisters of Rochester, Vital Link Education Business Consortium of Orange County, United Through Reading and The Dream Girls Initiative.

The award presentation to Girls Inc. of San Diego County took place on Monday, October 23, at Epiphany Prep Charter School in San Diego, one of the locations where Girls Inc. conducts its programs.

“At Girls Inc. of San Diego County, we are training the next generation of cyber-defenders,” said Carla Vallone, President, Board of Trustees, Girls Inc. of San Diego County.  “Our trainees don’t look like the current cybersecurity workforce. Our trainees are girls ages 8 to 18, many of whom are girls of color from diverse backgrounds. We are grateful to ESET for this essential funding that will support our STEM outreach programs here in San Diego County.” 

 “Ultimately, Girls Inc. really stood out for the work it is doing to inspire young women to be strong, smart and confident while teaching them technical skills,” said Celeste Blodgett, Vice President of Human Resources and Learning and Development at ESET North America. “Its submission laid out very specific ways it will address the cybersecurity skills gap problem, while also helping with diversity in the tech sector.

 

About the ESET Nonprofit Pitch Fest

ESET, a privately held company celebrating its 30th anniversary in innovation in IT security, held the Nonprofit Pitch Fest to hear from nonprofits around the United States that are making a difference in the community. The three categories nonprofits could apply under included Women in Technology, Cybersecurity and STEM/STEAM Education, and the Innovation/Startup Economy. Contestants wrote answers to an essay question that asked how their program/initiative in the respective category would contribute to the next 30 years of innovation in the community. The initial organizations were voted on by the general public, and the top 10 vote getters were entered into the final stage of judging, in which a selection committee evaluated the nonprofits’ essays based on (1) alignment with one or more of the three noted categories and strength of the idea, (2) need for proposed program/initiative in the community and (3) feasibility of program deployment.

About Girls Inc. of San Diego County

Girls Inc. of San Diego County inspires girls to be strong, smart and bold by providing hundreds of girls each year with life-changing support and real solutions to the unique issues girls face. By providing no-cost, research-based programming, the organization helps girls in the county overcome gender, economic and social barriers so they may see college as attainable, resist peer pressure and explore professional fields in STEM (Science, Technology, Engineering, Mathematics) that have so far been nontraditional for women.

For more than 50 years, the nonprofit organization has supported high-need girls with no-cost programming to help them succeed in life. To support Girls Inc. of San Diego County, visit www.girlsincsd.org.

ESET Press Release

 

Cyber Monday, Black Friday, Small Business Saturday... Whatever, BE MINDFUL and BE RESPONSIBLE!

Almost like a “Hallmark Holiday” society had dubbed a special designation for Cyber Monday, Black Friday, Small Business Saturday. Does this mean you should not be cyber aware and responsible the rest of the year? No! Absolutely not! It means all the more that year ‘round cyber security is a shared responsibility. You cannot count on companies or the government to be responsible for your online safety and security. Download the SOeC Cyber Hygiene poster for pertinent tips you can employ, at home and work. Take responsibility to stay safer all times and especially so during the holiday shopping periods. Learn More: Cyber Hygiene poster

Business: https://static1.squarespace.com/static/587655a3e6f2e1ab23aa85c8/t/589b95d7ff7c500cb020908f/1486591448168/SOeC_Cyber-Hygiene-BusinessTips_2016.pdf

Home: https://static1.squarespace.com/static/587655a3e6f2e1ab23aa85c8/t/589b9630c534a507b71b798d/1486591537528/SOeC_Cyber-Hygiene_Family-Personal_Tips_2016.pdf

written by Liz Fraumann November 2017

The Tin Cup and Jingle Bells - The non-profit you choose to donate to, can make a difference

In the mid-1800s, 1865 in fact, the Salvation Army was started. Most of us recognize this long-standing non-profit organization by the “bell-ringers” standing on local streets beside the large kettles in an effort to collect funds to help the less fortunate leading up to the holiday season. In San Diego alone, there are approximately 9,000 non-profits all looking for businesses and individuals to help their cause. “…to whom much has been given, much will be required…”

With the advent of the Internet and ‘everything’ digital, many organizations’ causes go un-noticed or under-funded. In a recent article the number of cyber jobs that will go un-filled by 2021 are anticipated to be…3.5M…

Consider helping a future cyber defender/leader donate to the SoCal Cyber Cup Challenge.

Download the sponsor flier – learn more at http://socal.cc 

Read more about the dearth of cyber professionals at: https://www.csoonline.com/article/3200024/security/cybersecurity-labor-crunch-to-hit-35-million-unfilled-jobs-by-2021.html

Written by Liz Fraumann November 2017

 

Hello, my name is Tina or Barbie, or Carla - If it's an IoT enable toy, you may want to reconsider!

There are less than 50-days before the all-time high of the year in toy purchases, “THE Holidays!” The first thing kids and grandkids ask when given a new toy is, “What does it do?”

Eons ago, I remember taking an old box and making it into whatever I could imagine. NO more… What does it do… is the operative phrase. However, as a parent, aunt, or giving adult, we should be asking, “What might this device expose to my child, niece, nephew, grandchild or neighbor?” As long ago as 6 months, the FBI was warning about “IoT” toys. Think first, then purchase. We as adults must protect our future generations. Read More: https://www.nbcnews.com/tech/security/fbi-warns-parents-privacy-risks-internet-connected-toys-n784126

There is no greater gift than giving of oneself. It is a hard lesson to put into practice, especially when it comes to our children. We want to give them everything they want and more. We are bombarded with “wish lists” from various websites, advertising on-line, in stores, television, radio, newspapers (they still print these, don’t they?) and then just about everywhere else you can think of! It is so easy now to sit in front of your computer and just click and pay. No effort, no thought. And, that is one of the issues, no thought. How often have you actually thought about one of the IoT devices your child is begging for? How might it be used to ‘break into” your home? What might it be doing with the data? Where is it going? Who has access? Is there a camera that you may not know about embedded in it? Because we are working long hours, giving of ourselves seems to be the last choice. We’re tired. “There is not enough time in one day to do it all.” “Something has to give and I just can’t take it!” But, truly there is nothing better in life than sitting down with a child and watching the wonder in their eyes as you read one of those good ‘ol Christmas stories together.

The bottom line, just really understand what you are getting if you choose to purchase one of the IoT toys for this holiday and spend a bit of time researching things prior to making that purchase. To help you along in that research, read articles like this from the FBI: https://www.nbcnews.com/tech/security/fbi-warns-parents-privacy-risks-internet-connected-toys-n784126

Written by Liz Fraumann November 2017

Three Tips for Buying and Sending Gift Cards This Holiday Season

The end of the year holiday shopping season will soon be upon us. And with this turning of the seasons, our thoughts turn to payment cards. Or is that just a security wonk thing? As retailers both on- and offline become more busy, the incidence of payment card fraud increases. This negatively affects both retailers and consumers, as we all have to pay for this theft. Likewise, we all need to help by doing our part to discourage fraud. In this post we’ll discuss security considerations around gift cards.

Hierarchy of cards

In a world where money is often represented as numbers moving from one place to another, the difference between types of payment cards may seem a bit nebulous. But there are subtle differences between how money is moved, and in protections offered for the different types of accounts.

There is a legal limit on the amount of liability you have on credit and debit cards, with some popular types additionally offering “zero liability” for customers who promptly report fraudulent purchases. 

Credit cards offer the most protection to consumers, in part because your card only offers access to funds borrowed from a bank. Debit cards, on the other hand, offer access to funds stored in your savings or checking account. This means that a credit card fraud temporarily decreases your limit to a line of credit, while debit card fraud may temporarily prevent access to your own money for use or withdrawal, until the theft report is processed. 

Gift cards and stored-value (also called “prepaid”) cards also behave differently from one another. Gift cards function as a digital representation of cash for redemption at certain stores. And, like cash, if a card is lost or stolen you’re probably out of luck. Stored-value cards act more like a bank account in that you may have “zero liability” for fraudulent purchases, but you may also be subject to monthly or per-activity fees.

Internet-connected cash

Gift cards are unique among payment cards because they do function so much like a digital equivalent to cash. The key word in that description being “digital”; meaning that cards can be bought, sold and managed online. And, as is too often the case, if something is accessible online it usually means that people with nefarious intentions can also access it. There is a wide variety of ways that criminals can and do misuse gift cards. These techniques basically boil down to ways of defrauding retailers by selling stolen goods, and ways of defrauding gift card recipients of the value of their cards.

There are three things consumers can do to decrease (but not eliminate) the odds of problems with gift cards:
1)    Buy only from retailers that store them in locked cases
2)    If you must buy them online, get them directly from the retailer
3)    Buy only cards that require PINs for purchases

This holiday season, perhaps we should revive the old-fashioned tradition of exchanging cash in a festive greeting card. But even if you do seek the convenience of payment cards that can be bought and sent online, there are ways to improve the odds that your recipient will get to enjoy the full measure of your generosity.

Written by Lysa Myers November 2017

SoCal Cyber Cup Underway

A New Experience For Students - SoCal Cyber Cup Challenge 2017/18 

The great news about the SoCal Cyber Cup Challenge that just wrapped up the Practice Round I, is that beginning on 11 December through 31 December – Practice Round II starts! 

Students and schools/organizations that missed the first round still have an opportunity to jump in and see what all of the excitement is about. Teams are typically associated with a school, but organizations like Girl Scouts, Boy Scouts, Boys & Girls Clubs, or just friends getting together are all welcome to try their hand. 

Go to http://socal.cc and explore. 

You can still register. 

We strongly recommend that your coach register first and in the comment field cite the affiliation. We will ensure your team school/organization is then listed within 24 hours so the students/participants can register with help from their parents and then… Let the games begin!

Written by Liz Fraumann November 2017

From the comfort of your easy chair in your own home…and the risk is?

 

 As I sat in my easy chair, holiday shopping had just become easy as well! I peered over my glasses to watch the Breaking News flash across the television, just after I had just clicked on the 6th site from which I was buying presents for the family. It read “Massive breach” just announced on ‘the shoppers network.’ ALL, virtually ALL, patrons who had made purchases over the past 30-days had ALL of their Personal Identifiable Information (PII) compromised. Dramatization, yes but, millions and millions of citizens have been breached in the past 11 months. It is the greatest number of citizens that have had their SSN, DoB, Credit Card information and much more. So, what to do? 

So, now that we have your interest, it should be known that many people are part of a breach each day, yet that feel little effect on their daily habits. In fact, this is part of the problem, The Credit Card Companies cover your losses or purchases that you confirm you have not made and we all continue to maintain our behaviors – as imperfect as they are. What you should be doing is: 

1) Change your passwords for the holiday season and again after the first of the year 

2) Use a specific credit card, not debit, for your shopping – online or in person. Ensure it is not associated with your other financial instruments. 

3) Careful what you click on – if it appears to be ‘too good to be true,’ it is! 

4) Unless you are planning on making a really large purchase, like a car, home, boat, place a credit freeze with the three-credit bureaus. It is $10 to freeze your account for each service bureau and another $10 to unfreeze them when you wish to have them activated again. I’d “negotiate” with Equifax and see if I could get a discount!