Archives For firewall

Are You Protecting Your Clients From Ransomware?

This is likely one of their biggest threats – but if all you do is basic firewall management and backups, this attack won’t be stopped. Ultimately your client should be asking you – how did YOU let this happen?

Not that your clients will all pay for more intelligent security, but it’s your responsibility to tell them – let them make the financial choice, knowing the risk they are taking.

Zepto is new – it’s dangerous. It’s a variant of the Locky ransomware, reportedly responsible for encrypting files at three major US hospitals: Kentucky Methodist, Chino Valley, and Desert Valley.

This month, researchers estimate that this one attack was carried to over 140,000 systems in just a few days. As social engineering evolves, people are tricked more often. Getting an email from your boss or higher level executive demands a response. And when there’s an attachment, it’s hard to call upstairs every time just to make sure it’s real.

This type of attack is gaining momentum – it’s highly profitable. And to date, the only consistent recommendation is to maintain good backups. But restoring dozens or even hundreds of systems could put a business on hold for days or even weeks.

In the case of Locky, one report estimates a group of hackers earning somewhere in the neighborhood of $12 Million in a single month! Software developers building these attacks may be earning up to $100,000/month! This is big business and it’s not going away.

So What Should You Be Doing?

First, understand that basic firewalls and anti-virus software are not stopping these attacks. So you can continue to say things like, “My clients are too small to pay for more security,” or you can get real with them and let them know they can afford to take the risk. Like buying life insurance or equipping their homes with updated alarms, they may choose not to. As long as you’re making the right recommendations, you’ve done your part.

Second, start looking into “Detection” technologies – security technology that detects. FireEye was early to the market with sandbox technology, but today, there are similar solutions built and priced for almost any size business.

Finally – backups are still your fallback plan. I’m always amazed to see how many small businesses continue to limp along with outdated backup technology…they claim it’s just too expensive to upgrade. If you’ve read The House & The Cloud – you know why. Without the Impact vs. Likelihood graph sitting in front of them, they don’t understand their risk. Without that, how can they make a decision to spend more? They can’t.

© 2016, David Stelzl

Today I’m out in Sunnyvale visiting Arctic Wolf – A Cyber SOC company that provides the detection element of security so many are missing!  We really do need more detection…check out this video. If the hacker hadn’t announced himself, the victim would still be clueless.

This Story Tells It All – Man Hacked On Go-Go Wireless. It could have been Starbucks, City Wireless, McDonalds, or any other public wireless network. Something you should be passing on to your clients who still think their firewall is keeping them safe – even when they are working at Starbucks.

Copyright 2016, David Stelzl

Don’t ignore security if you work in the SMB market…I continue to see smaller resellers focusing on managed services, but neglecting the security side of this program.  Don’t do it.  Managed services contracts justified on security remain the most stable contracts for long-term recurring revenue.

In this attached article, Cyber Thieves Hit Owners (From the Wall Street Journal), the writer shows how small businesses are often held responsible for financial losses caused by hackers…in other words, while you as an individual can usually recover by placing blame on the bank, it is only in some recent cases that the bank was held responsible for small business losses. While the writer takes the positive side, seeing a trend to help small business, we are not there yet.

Every project should incorporate security, and every reseller should assume their SMB clients are clueless about security.  That’s just the way it is, and this article says exactly that.  Consider these sound bites from the link above:

  • “The proportion of those attacks that were explicitly focused on small business rose to more than 30%, compared with 18% at the end of December 2011, according to its findings.”
  • “In the first half of 2012, the total number of targeted attacks on organizations rose to an average of 151 a day during May and June.”

Make sure you have security built into your discovery process – look for weak end-node security, poorly configured firewalls, unstructured data outside the firewall, unsecured web applications, and personal devices full of sensitive data (such as smartphones lacking passwords and encryption).

© 2012, David Stelzl

I’ve been saying this for years – detection is the most important part, and your managed services program is a critical component of the detection strategy. I just finished up today’s webinar – the second session of Accelerating Managed Services Sales. Both sessions, March and April, were full, with a waiting list. This article on Global Payments underscores the problem with most security problems – if you read the quotes from the experts cited in this article you will see the recurring theme: firewalls and perimeter security don’t do it.

In today’s session on managed services sales I presented several mistakes being made in the sale of managed services offerings. The biggest one is putting the focus on ROI – Return on Investment, or TCO – total cost of ownership.  Is there a TCO savings?  Probably – or maybe even a forceful “YES”, but don’t lead managed services sales with this.  Risk is the motivator here, and companies are losing the battle according to last week’s FBI reports.  If you’ve read my book, From Vendor to Adviser, some sound bites worth remembering from the above article include:

  1. The Heartland Payment Systems breach exposed 130 million credit card numbers – credit card data is still vulnerable.
  2. The Payment Card Industry Data Security Standard (PCI DSS) is highly prescriptive in nature, but simply complying does not ensure credit card security.
  3. The perimeter-based approach is not sufficient and fails to protect critical data and internal resources that bypass these point solutions.
  4. Firewalls, antivirus and [intrusion detection and prevention systems] are no longer enough to protect against rapidly evolving zero-day and insider attacks.

Remember, sound bites build credibility, however, as I explain in my book From Vendor to Adviser, they do not sell.  They help you relate to executives as long as the source is credible in the eyes of the buyer – so steer away from Infoweek type sources when gathering these sound bites.

Join me on April 9th – 11th for a deep dive into the world of selling highly profitable security solutions and you’ll also get a one hour one-on-one session with me to review your business and create a more effective strategy for selling more profitable solutions.

Sign up here! Making Money w/ Security (just 5 seats left)

© 2012, David Stelzl

Again, Anonymous proves that IT does not have it covered.  Announcing an attack, and then successfully executing, is a demonstration of the power hackers have.  This time a political move over blocking cell phone coverage on the train, Anonymous posts customer lists with associated information of those traveling on BART.

The real problem here is in BART’s approach to security, not Anonymous and their agenda. Who is responsible for BART’s security strategy? Are people mad at Anonymous, or those watching over BART’s data? If Anonymous didn’t exist, it would be someone else. It’s a wrong mindset to think cybercriminals should go away – because they won’t.

© 2011, David Stelzl

Vendor to Adviser

December 20, 2010

If you missed my teleseminar last week on moving from Vendor to Adviser…Here are some examples of how I’ve turned mundane deals into profit-rich, consultative relationships:

  • A firewall upgrade opportunity referred by a vendor/partner turned in large profit and product.  Rather than going in with quotes and features, I presented cybercrime trends to an executive VP, identified their mission critical applications, data, and some process, and showed them how current trends are attacking companies similar to theirs.  The meeting ended with an agreement to perform a simple assessment, which was then expanded to a $65,000 contract.  From there we spent over a year implementing security controls, locking down operating systems, and eventually signed a three year security management agreement.
  • A firewall replacement opportunity from a non-active client turned into a larger assessment and perimeter security initiative with dual-authentication and application security consulting.  In this case, the client wanted to review competitive quotes.  Rather than responding with numbers, we called a meeting with the VP of operations, reviewed mission critical applications, and discovered a need for stronger application security and authentication for users who are members but not employees of the organization.  We proposed a simple assessment which closed for $35,000, and demonstrated the need for two-factor authentication, intrusion detection with event correlation, and upgraded various components of the perimeter as well as website security for the application in question.
  • An intrusion detection opportunity with a newspaper company turned into a larger policy consulting project putting us in front of all major company stakeholders. Rather than responding with numbers we were able to show the need to identify company policy in order to properly place and manage intrusion technology. This effort led to a portal-based policy server, intrusion prevention technology along with managed event correlation. Future projects were easier to win with our new executive level sponsorship.
  • A large network project was put on hold at a major southeast university. Instead of giving up, I was able to convince them to conduct an operational efficiency and risk study on the need for new network equipment. This allowed us to gain entrance to all major stakeholders, positioning us for future project business.
  • At an educators symposium I was offered a breakout session to speak for free. I used that platform to present trends on cybercrime, approaches being taken by large organizations, specifically in the education/university space, and was able to follow up with one of the attendees with economic buyer status. Our team conducted an assessment for $125,000, and then leveraged that relationship for introductions throughout the southeast. Similar projects followed in North Carolina, South Carolina, Georgia and Florida, many of which required remediation efforts.
  • A similar speaking opportunity was given to me at a CLEC symposium for NC, SC, and VA.  Similar results followed the educator symposium.
  • A small staffing role was awarded to us to install some server technology in a large multimillion-dollar financial application project. By researching their proposed plan we were able to show how their approach was not going to produce the results they were looking for. At the risk of losing our position on the project, we proceeded with recommendations on how to change the program, putting us at the helm of a 3 million dollar initiative to roll out a lending application nationwide.

You get the idea.  Taking existing product opportunities, free speeches, and by proposing contrarian approaches, a savvy sales person can move up.  One who has taken the time to stay on top of trends and developed consulting skills, can move to a consultative, and highly profitable position within the organizations they are already calling on.

© 2010, David Stelzl

Here’s a rare clip from a recent Making Money with Security Workshop…don’t forget to check out my upcoming virtual workshop.  I only have 16 seats left and there is no travel on this – perfect for smaller sales organizations.

http://www.stelzl.us/sales_development_MMS1_virtual.asp

© 2010, David Stelzl