Archives For arctic wolf

Last week I met Brian NeSmith, President of Arctic Wolf out in Sunnyvale California. Great solution for small and medium business resellers who need a detection solution supporting their MSSP offering! Take 2 minutes to watch this video…this is what I’ve been preaching for the last decade.

© 2016, David Stelzl

Advertisements

foxJust Returned From An Interview With Fox News…Apple Has Been Hit!

Apple has finally been hit by ransomware. Here’s what you need to know…

The reporter had heard things like, Apple can’t be attacked by malware! Wow, is that wrong. True, Microsoft gets hit more often, but there are instances of Apple Malware out there. This is reportedly the first fully-baked ransomware attack on Apple – discovered over the weekend.

The first thing you need to know is, “your prospects think they’re protected by firewalls and passwords”. They’re not.

This attack has nothing to do with either. The only defense, had one of your clients downloaded the BitTorrent Software (Transmission) that was infected, would have been a managed data collecting type security program.

Arctic Wolf, out of Sunnyvale is a great example.  Some UTM firewalls, like Check Point Software, with the appropriate detection functions turned on would also have detected it. And you would have had 3 days to respond, if the technology didn’t block it.

What Software Are We Talking About?

The software is Transmission 2.90.  It’s a peer to peer software client that uses the BitTorrent protocol to move data.

Nearly 50% of the traffic on the Internet today is BitTorrent in some form or another. A lot of it is used for illegal stuff like pirating movies.  But it’s also used by Facebook, Twitter, Government Agencies, Video Game Companies, and more.  It’s only the Transmission version 2.90 that’s a problem, and the Transmission company has already released 2.92.

What’s important here?

It’s the detection / response message. Ransomware has been around for about 10 years. The past three have seen tremendous growth.  Three years ago there were about 100,000 instances reported. Last year that went to 600,000. The biggest ransom paid so far, that I know of, was the $17,000 dollars paid last month by Hollywood Hospital. Lives were at stake, so they paid it.  Most of these attacks target smaller businesses.

Statistically only about 3% of those infected pay, but experts agree that the number is much higher. That’s all that are reported. The hospital, by law, had to report this attack. Many small businesses will pay it and move on.

Your Opportunity Is Now

Get out to your clients now!

They have a couple of days before encryption happens if they’re infected, but chances are they use Microsoft, not Apple, on the desktop.

But even if they don’t use Transmission Software and Apple, it makes sense to recommend an assessment – chances are they have something urgent. You just need a reason to show them.

Remember, scanning isn’t enough. You need some data collection. Move them to UTM Firewalls, add ongoing monitoring services, and remind them, this was Apple and Transmission. Tomorrow it will be Microsoft and something they use every day.  When it hits, no one will be able to save them. They’ll either lose data or pay the fine. The more they pay the fine, the more criminals are going to do this.

© 2016, David Stelzl

 

 

plug and playSelling Security is Not The Same As Selling Insurance

You can spin security a million ways to make it sound like there’s a return on investment, but you’re only kidding yourself.

So how exactly do you sell something that many people think they don’t need more of, and that really has no ROI?

I just wrapped up two training days with Brian NeSmith, President and CEO, and his team at Arctic Wolf, a security operation center that targets small and medium businesses.  As always I’m sure I learn more than anyone at these meetings.  And I have to say, I’m impressed with the technology and the team.

Arctic Wolf is exactly what small and medium businesses need as they move toward more IoT, mobility, and BYOD.  This morning as I’m wrapping things up and getting ready to head home for the weekend, a few key principles are on my mind…these are foundational mindsets every sales person must have if they want to sell security or managed services.

  • Security is not a product. Even if you are selling a product, don’t present it that way.
  • Every small and medium business needs more security. Specifically, they need the intelligence and insight into what’s going on in their network as they create and use data.  According to Gartner, 80% of these companies are working without any realtime detection element. Even if they have the UTM firewall, they probably don’t watch it. And if they did, they wouldn’t understand it. That means every one of these companies is a qualified prospect.
  • If budget comes up, something is wrong. Security is sold based on high impact of a likely event. Most decision makers won’t understand their risk, so start there. That means you’ll need to gain access to those decision makers early in the sales process – but not to show them your corporate presentation. Instead, talk to them about technology trends like IoT that will be used to grow their business.  That’s what they want to hear…then transition to the security risks that come with new technology.
  • The sale requires justification. Justification comes with getting them to see they have urgent issues – risk. Most assessments, like 90%, show urgent findings.  That’s justification. If you still can’t close, you are either talking to the wrong people, or hiding the urgency in the language you use. Be bold and upfront – be clear. People from China are potentially in your data!
  • Whatever you do, don’t get bogged down in the technology and how it works. This discussion can come later with the IT people – but the sale is made at the business level, and should be conceptually made before diving into the weeds.

For more on how to effectively sell security, check out The House & The Cloud…you can get it here for a limited time for $1.00 – free shipping, and no strings attached.

$1 HC Book Ad

 

Today I’m out in Sunnyvale visiting Arctic Wolf – A Cyber SOC company that provides the detection element of security so many are missing!  We really do need more detection…check out this video. If the hacker hadn’t announced himself, the victim would still be clueless.

This Story Tells It All – Man Hacked On Go-Go Wireless. It could have been Starbucks, City Wireless, McDonalds, or any other public wireless network. Something you should be passing on to your clients who still think their firewall is keeping them safe – even when they are working at Starbucks.

Copyright 2016, David Stelzl