Category: Advice

Learn Things Your Competitors Don’t Want You To Know at OODAloop

The membership network at OODAloop.com provides actionable insights you can use to inform better decisions and to execute actions that will help you win in the modern marketplace.

Members receive access to research and analysis, special reports and early insights into shifting trends the modern executive needs to track.

Learn more about OODA network resources and start your free trial as an OODA member at:

https://www.oodaloop.com/ooda-network/

You Know The Cyber Threat, Now Do Something About it

We continually capture lessons learned and best practices for reducing digital risk and enhancing cybersecurity and maintain a list you can use to review to ensure you and your team are optimizing defenses.

We provide no-nonsense tips on topics like:

  • How to configure our DNS to reduce the chances that malware will propagate in your systems
  • How to pick the best cybersecurity framework for your organization
  • Tips for dealing with your data

To see the full list visit: OODA Loop Cybersecurity Best Practices

And for external review of your cybersecurity posture see OODA LLC offerings in:

Technology Due Diligence – CTO as a service – CISO as a Service

Put A Team Of Seasoned Professionals On Your Side

OODA LLC is a CTO advisory and Due Diligence firm operating across multiple sectors of the economy. We are known for our ability to help companies mitigate risks and increase compliance while optimizing security spend.

Crucial Point helps clients improve defenses by:

  • CISO as a Service: Strategic leadership for corporate security programs, including evaluation of an exercising of incident response plans.
  • CTO as a Service: Technical architecture review and senior advice, including action plans for modernization and cloud transition.
  • Independent verification and validation of compliance, including GDPR, FFIEC, NIST.

We would love to serve your efforts. Contact OODA LLC  for more information.

 

Journalists In Danger of Cyber Espionage: Lessons from Jamal Khashoggi murder

BBC news ran a piece titled “Jamal Khashoggi: Saudi murder suspect had spy training” which provides more details on one of the 15-member team sent to kill Jamal Khashoggi. Maher Abdulaziz Mutreb was trained in how to use offensive spyware technology as part of nation-state sponsored efforts for the Saudi state.

A source described how Mr. Mutreb spent time in a course with him in 2011 learning to use tech his company was providing the Saudi government so it could carry out targeted attacks on the phones and computers of its own citizens.

From the BBC report:

“This information might have been basically everything from [their] GPS position, conversation, microphone audio around the device itself, camera pictures, files on disk, emails, contacts, everything that was on the device itself.”

The tools he was trained in, the source said, were similar to other tools which, according to Citizenlab and Amnesty International, were recently used against several of Mr Khashoggi’s friends.

We have a recommendation for all journalists as well as anyone else seeking to make it harder to be spied upon. Take action now to raise your defenses by reviewing the OODA Guide to Cybersecurity Best Practices.

And for external review of your cybersecurity posture see OODA LLC offerings in:

Technology Due Diligence – CTO as a service – CISO as a Service

 

Protect Your Network At Home And Sense When WiFi Enabled Devices Come Close To You With Fingbox

Fing is a nice app that runs on your smartphone or tablet that will show you who else is on your network. It puts an interface on capabilities like Ping, Traceroute and many others and presents information in a way that is fast. You can find links to download the app at Fing.io. Next time you decide to join a public WiFi network at a conference or hotel you can launch Fing and see how they have configured the network and if you can see others on the net. Note: The Fing app works a bit better on Android, for now. Apple has restricted the ability of applications to see some technical info (specifically MAC addresses). But the greatest functionality of the app is its connectivity to the device mentioned below, the FingBox. So don’t let the lack of ability to scan MAC addresses deter you from downloading the app.

Fing now has something that makes it far more powerful than just an app on your mobile device. They offer a device for your home network called the Fingbox. This adds network security and troubleshooting to watch over your network and give you control to block users you don’t want in your net. It detects intruders, manages devices authorized to use your network and also analyzes the quality of your WiFI and Internet connections. Fingbox also gives you parental controls.

Another really neat thing it will do is give you a “WiFi Fence” around your home. This of this like having a magic super power. You can set it to give you alerts when any device comes near your home. Imagine getting an alert when the mailman approaches or when the pizza delivery guy gets near. Imagine getting an alert when a bad guy comes close at night. Or would you like to know when a WiFi enabled drone is within range of your house?

I love the Fingbox and mostly highly recommend it to anyone with WiFi at home. Find it here.

Track The Technological Dimensions of The Cyber Threat With CTOvision

CTOvision reports on all the megatrends driving the future of IT, including trends in cybersecurity. More importantly, we track how the functionality of Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics and the Internet of Things will require new approaches to cybersecurity.

If you enjoy the daily Threat Brief we know you will enjoy CTOvision. Sign up for our newsletters at: https://ctolink.us/CTOnews

Want to mitigate digital risks? Don’t get another assessment, get an assistance visit

The Daily Threat Brief  is designed to give you awareness of risks, so you can mitigate them!

Our team has a track record of safeguarding some of the nation’s greatest secrets, equipping U.S. leadership with actionable intelligence that helps protect lives and driving technology innovation that has kept key agencies generations ahead of our adversaries.

Reply to any of our products to ask for more information on how we can serve your efforts.

For more on what we do and to engage us in a dialog see: Crucial Point

We are now part of OODA, offering: Technology Due Diligence – CTO as a service – CISO as a Service

Few organizations have the resources required for optimal cybersecurity and digital risk reduction

OODA’s CISO as a Service offering puts our seasoned team of experts on your side.

Our leadership has spent years working across multiple sectors of the economy and in government agencies helping organizations protect what matters most. We know the threat, know best practices and know the importance of keeping your security program focused on enabling your business objectives. Our CISO as a Service offering is the ideal choice for firms who have grown to the point where a more robust security program is required. We can provide the executive leadership to get your program off the ground and can assist you in your search for a full-time CISO.

For more information see: OODA LLC

Protecting Your (and your employee’s) Personal Information at Home

A trend we have noticed in engagements across multiple sectors of the economy is an absolute thirst for information on best practices for protecting information at home. Every employee of every company, from the most senior executive to most junior intern, is now leveraging advanced interconnected technologies in amazing new ways at home. In doing so they are introducing new risks to their personal privacy, and, at times, introducing new risks to the firm they work for. This means it is almost always in the best interest of employers to help employees understand how to better protect their personal information.

The hard part is that every home IT configuration will be different, and it is very hard for a company to provide useful, actionable guidance to every employee. We have found the most important recommendation is to encourage employees to adopt an attitude of personal responsibility and continuous questioning regarding optimal home security configuration.

Read a full report at CrucialPointLLC.com in our Collection of Best Practices in Cybersecurity: Protecting Your Personal Information At Home

Crucial Point is now part of OODA LLC, offering services in Technology Due Diligence – CTO as a service – CISO as a Service.

Happy New Year: Here Are Five Suggestions To Reduce Your Digital Risk

 

This is the time of year when we think about change and make lists of resolutions to keep in the new year. As you think of your resolution list we have five topics for you to consider:

1. Use a managed DNS service at home and office: This can help prevent accidental navigation to websites that have been taken over by malicious actors and contain bad code. It can also help stop communications from malicious code in your systems back to their control sites.

2. Use two factor authentication for every account: There is no such thing as a silver bullet in cyber defense, but this is one of the most important things you can do. If an account does not offer multi-factor authentication, consider closing it.

3. Use a password manager (like Dashlane): We all have too many passwords to remember. A good password manager like Dashlane can help you keep them all up to date and secure and can also make your online life easier.

4. Update operating system and applications: Keeping your operating systems and applications patched reduces many risks.

5. Sign up for the daily at ThreatBrief.com: You can review the latest threat information in just a few minutes each morning. The threat is dynamic and the Threat Brief will help inform your decision-making by keeping you up to date.