This information has been so helpful to so many people – I want everyone to have it. On the right sidebar of my blog, www.davidstelzl.com you can now request a free electronic copy of the House & the Cloud. It’s my gift to you this Christmas Season! Please feel free to pass this link on to people you believe will benefit from hearing my message on selling security!
Archive for December, 2009
23
Dec
09
Merry Christmas!
In case you didn’t get my electronic Christmas card this year here it is. Enjoy your holidays and enjoy time with your family!
Black Energy is a program available online for about $40 with a $700 upgrade option. It can be purchased by anyone with online access and used to steal passwords, attack online banking, as well as launch a Denial of Service attacks.
Today’s Wall Street Journal front page article shares one attack, reportedly on Citigroup – while they deny it, having your name on the front page of a paper of this caliber makes for unrecoverable brand damage. Some key sound bites should be noted as you’re talking with prospects in the coming months.
- Towards the end of this article the bank loses over 1 million dollars before they detect and respond.
- The attack comes through bot type technology, a stealth way of taking over one’s computer. This agent apparently came in through an infected computer – this is normal.
- The article notes that, when one bank is infected, hackers can take over other banks by following connections between banks.
- This same technology was used in cyber warfare attacks last year, shutting down Georgian government and financial sites.
- Experts are concerned that hackers may not stop at stealing money, but may also damage bank systems and create major disruptions. (This would be bad).
- And my favorite sound bite; Citygroup is 27% Government Owned…
Security continues to be a great lead in for high level discussions – this coming year will be no different.
17
Dec
09
More on Facebook…RockYou!
32 million clear-text passwords taken captive through an SQL vulnerability! RockYou.com, which provides applications and services for social networking sites like Facebook and MySpace was hacked this week – earlier in the week I posted a blog on social networking sites and hackers, mentioning some of the issues with cloud computing as well. This is the world we’re headed for as more people move to cloud services. If you’re going to use the cloud, and in some cases this is the only way to go, you have to consider security as a top priority, not price!
If you’re in the business of selling a cloud type service, whether it’s SaaS, hosted email, or online backup, or some managed service that stores data for the client (of any kind), make sure you move security into first place as part of your value proposition. These passwords were stored in clear text – and that is the problem. Every site can be broken into, the question is, will the perpetrators be detected before they get what they want. Security steps such as encryption make stealing much more difficult, to the point that many won’t even attempt it.
Here’s the RockYou article reported by SC Magazine. http://www.scmagazineus.com/rockyou-hack-compromises-32-million-passwords/article/159676/?DCMP=EMC-SCUS_Newswire
15
Dec
09
What about facebook?
I’m sure your customers are using Facebook, who isn’t? So is this okay? Facebook is like cloud computing and SaaS. It’s an application like Saleforce.com or like using Gmail. So if you discover Facebook accounts during an assessment or in the selling process, don’t consider this to be justification for a security project. However, there are some things you should be looking for as you work with clients that access Facebook.
The problem with Facebook; just about everyone uses it, and that means a lot of uneducated users. It also means that family members are spending time of systems owned by your clients. Expect company provided laptops and home computers to be used for social networking, peer-to-peer networking, and accessing websites that are likely infected. So you’re not looking for Facebook accounts, but you are looking for systems that have been compromised by malware, and Facebook (along with any other social network program) increases the chances.
Yesterday’s report on Social Networking Scams is a great start in understanding why these programs open the door to attacks – it’s worth a quick skim. Remember to pull out the sound bites – know these and you’ll not be challenged by arrogant IT administrators. http://www.usatoday.com/tech/news/2009-12-14-searchsecurity14_ST_N.htm
SC Magazine News wire reported this morning an increase in technology spending based on a survey of CIOs. Server technology tops the list, with security right behind it. The problem is, competition is likely to be fierce as some companies actually do begin moving forward on delayed projects, while others remain cautious. How will you differentiate? Imagine selling your server technology with an emphasis on security! But don’t be fooled into leading with the product…business justification and risk mitigation will be your differentiators. You can read the actual news wire here (It’s brief):
http://www.scmagazineus.com/security-spend-to-rise/article/159319/?DCMP=EMC-SCUS_Newswire
09
Dec
09
Public Schools are a Target
If you’ve been to my workshop on selling security, I talk about the information stored in university systems which are targeted by identity thieves. Here’s a report on recent attacks against public school systems. Hackers are cyphoning off data, transferring it to money mules for laundering, and making off with amounts from 100,000 to 200,000…no one’s been caught according to this report. At the end of the article, a link takes you to some information on small/medium business, another sought after target. Both generally have poor security and have not wanted to invest in the past. Justification requires a demonstration of how easy it is – generally through an assessment of some sort. The long term potential of these type of accounts is great for small resellers with strong managed security offerings.
http://voices.washingtonpost.com/securityfix/2009/09/cyber_mob_targets_public_priva.html
Great news! The 2010 teleseminar series has been posted online at http://www.stelzl.us/business_strategy_TeleS.asp – and I have some very steep discounts for people who would like to sign up for the year (10 highly focused, content rich sessions starting March 2010). I am also sending a FREE Data@Risk book to the first 10 people registered…discounts apply through January.
March 19 – Irresistible Justification
Assessments can be one of the most compelling forms of justification when used correctly. In this session, I’ll be showing you how to use assessments (both technical and business level/complementary and fee based) to accelerate your sales cycle for projects and managed service deals!
April 16 – Strategies for Hiring Great People
In the past 20 years I have hired hundreds of people and coached many in the hiring process. I’ll show you how to differentiate good candidates from great candidates and how to know before hiring, who is worth their wages. Obviously this is meant for managers, however others may find this beneficial in discovering what makes for a great interview.
May 14 – Balancing Work and Family
Raising seven children and home schooling, while running a business is no easy task. Let’s face it, when things at home are stressed, the burden carries over to your work, and affects your performance. Put things into balance and you’ll find greater success. I’ll share with you some of the secrets of making this all work.
June 18 – Success through Character
Character matters! Whether you’re looking for personal success or building a team, character can make or break you. In fact, it would be hard to find a personnel problem that is not character related. Great character is at the root of great success, so whether you sell, implement, or run and manage a company of division, this may be the most important topic I cover in 2010.
July 16 – Stop wasting time,
There are lot’s of great books on time management, but who has time to read them? We’ll take a look at planning your day, focusing your time and energy, techniques for refreshment, and how to keep up with everything you have going on!
August 20 – Keys to Great Sales Management
If you used to sell or if you own a business, you may suddenly be called on to manage sales. It’s a hard job to keep sales people motivated, rewarded, and accountable. We’ll discuss compensation, motivation, hiring, managing, and a host of things that will help any manager succeed as they oversee sales. If you’re in sales, please join us to gain a better understanding of what makes a great employee.
September 17 – Personal Branding and Marketing
Marketing and branding are quickly changing. Learn what to stop doing, and where to begin. Use of social media, article servers, email, and effective messaging that will change the way people view you and your company.
October 15 – Winning Proposals
Deals don’t close simply by a great proposal, however a deal can go down quickly when a proposal is poorly structured and presented. Learn both what it takes in writing as well as in presentation to make a great proposal that will boost your sales.
November 19 – Financial Stability through Recurring Revenue
In our present economy, recurring revenue may be your only hope. Whether you already have it or are building it, I’ll show you how to keep it growing. This is a critical part of your companies success in the years to come.
December 17 – Vendor to Adviser
If you’ve not made the transition, be assured they are calling you a vendor behind your back. We’ll look at moving past gate keepers and blockers, demonstrating value in board rooms, and moving to a consultative selling model.
Go to http://www.stelzl.us/business_strategy_TeleS.asp and select the appropriate price in the drop down box for 2010!
There’s no better way to build the team than to experience the great outdoors together…so on December 3rd, I set out with 5 of my children (and one friend) to take on the Blue Ridge Mountains. You can do that in December when you live in the south, with reasonable certainty that it won’t snow.
We embarked from Big East Fork, just west of Asheville, NC, heading into the Shining Rock Wilderness under cloudy skys. The temperatures were pleasant, in the high 40s at about 2500 feet above sealevel.
Being a wilderness area, there are no trail blazes or man made structures, however, having been here before and having taken every possible wrong turn, I felt confident we’d find out way using my faithful compass and topo map. (I have not made the switch to GPS yet, however I have passed groups of people wander aimlessly with their GPS!)
A great place to learn team work!
Yes, this is where teamwork happens! And here is is my oldest son cheerfully helping my third born son.
Everyone shared in carrying our three days worth of supplies. This is my 10 yr old son, carrying his 17 lb pack up the mountain. In past outdoor adventure posts, people have asked for more, so here it is, photos from the trip! This is where real life happens. A mentor of mine frequently says, true profit is measured in discretionary time (for me that means time in the woods with my family).
Lunch Time!
Our favorite meals include instant oatmeal, trail mix, freeze dried dinners (such as Lasagna), and Freeze Dried Deserts! (On this trip we packed blueberry cheesecake)
The river was cold, but beautiful this time of year
More river
From my new SLR camera, my pictures are coming along as my oldest daughter mentors me in the science of shooting great pictures!
Falls
Amazing falls at Graveyard Fields - day hike
Helping Hand
Here’s a picture of team work as my second son helps my third born daughter cross the raging river. Well, not raging, but too cold to step into.
Yes it did snow
Of course, you can’t really count on warm weather. At 4000 ft, it snowed both nights…we left the mountains on Saturday in 27 degree temperatures and a stiff wind. Luckily, we were prepared!
02
Dec
09
The Morning Wake Up Call – no. 3
Welcome to the Morning Wake Up Call…What’s your plan for 2010?
