Archives For verne harnish

santa-clara-marriott

Aggregated Data In The Hands of The Hacker

Is Allowing Hackers to Become You…

Yesterday I presented to business leaders in Santa Clara California, and the Santa Clara Marriott Hotel…I was surprised, but not so surprised, at how few of our attendees had recently performed risk assessments. Many of them had never had an actual risk assessment!

In our session we covered a number of evolving  trends – one important one is the trend of aggregated data and deep machine learning. If you remember the recent report from Verne Harnish – the emails used to steal over $400,000 sounded like they came right from Verne’s desk. How does that happen?

We’re all being watched. Our data is being both monitored and collected. It’s being aggregated and analyzed.  

Our data describes everything about us. Where we go, what we do, what we view online, where we eat and shop, and everything we write. This data is stored, aggregated, sold, and stolen…in the hands of the wrong people, it can be disastrous.

Using deep machine learning computers create an amazingly accurate profile, exposing things we would never share openly. For instance, who has posted their salary on Facebook? Probably no one – yet Facebook advertising can easily target and audience in a specific income range. How does it know?

2016-11-11_10-44-10

With the right data, just about anyone can become you online.

That means they’re sending email, giving directives, and even interfacing with your customers and suppliers. But don’t think for a minute that they’re helping you out. In Verne’s case they were ordering Accounts Payable to wire $400,000. His team had no way of checking the validity of this request – other than making a call. But given hundreds of request just like this, who would question it?

Several attendees came up after the session sharing similar stories in their own businesses.  In the end, our sponsor, Truman Roe, President of  TruTechnical offered each attendee a risk assessment. From my count, every company in attendance took him up on the offer!  This is the best place to start…with a clear measurement of risk, companies can be more confident in how they approach their security strategy.

© 2016, David Stelzl

 

 

Advertisements

ohioSpeaker Notes for Tomorrow’s Session in Cincinnati…

This morning I am headed to Ohio to meet with business leaders in the Cincinnati area – Another Digital Money session on Stopping Hackers!

If you provide IT services to businesses, I hope you’ll consider doing one of these with me at some point. Every business needs it, and most don’t understand the threats they are up against.

It’s a busy fall for us. Last week we wrapped up a session in San Francisco with large reseller executives, then headed down to work with a large sales team in Irvine, CA.  And tomorrow, Cincinnati, a session sponsored by InTrust-IT…

The Most Frequently Misunderstood Truth In Small Business

The big question always comes up, “Why would anyone want my data? After all, we’re just a local business. There’s nothing interesting here.”  I think Verne Harnish answered that question last week. If you’ve read his books, Rockefeller Habits, and Scaling Up, you know he’s a small business with very little in the way of infrastructure. Like me, he’s a speaker and a business coach, supported by a small team. Yet his blog post tells the story of a $400K ruse that caught him and his team completely by surprise.

Why small business? Because small businesses still have money, take out loans, and process credit cards. They have bank accounts and payrolls. Today’s hacking tools are largely automated. So sending out hundreds or thousands of scamming emails takes the hacker very little time. When one lands, the hacker will follow up. Small businesses are also largely unprotected by this sort of thing.

It might be a fraudulent invoice or request for ACH wire transfer. In Verne’s case he writes, “They sent an email to my assistant completely imitating my style, subject line, and signature asking her to wire funds to three different places.” This is getting more and more common. The more data we put online about ourselves, the easier it is for someone to impersonate us!

Tomorrow’s Session is About Digital Money and the Value of Data

Digital Money, my latest book, goes into detail on this. Data aggregation is in motion, pooling our data in one place where it can be analyzed.

There are several major data aggregators out there doing this. But the idea is to collect enough data to profile YOU. This is usually for the purpose of some analysis or marketing effort. We’re seeing it used right now in the election. That’s right. The candidates are leveraging this data to figure out who is likely to be on the edge, and needs a push. The data tells them both who to target  and how to influence them.

That data in the hands of the hacker allows the hacker to act just like Verne, or whoever they need to be, to issue orders to the team. Verne’s on stage in Russia, meanwhile his team is getting instructions to transfer funds. Will they? Of course. They’ve received these requests in the past, and they were real. There’s no reason to question them now, and the hacker knows that. These attacks are well scripted and highly successful. And the likelihood of prosecution is low.

Can it be stopped? Not completely. But there are ways to reduce the risk…and that moves us to a managed security program that involves people and technology, well equipped to deal with these common attacks. A program that detects these threats early on, before data has been compromised, and stops them before damage is done. Tomorrow, my goal is to give our audience the business-level understanding they need to make wise decisions going forward. And then to point them to the tools and process they’ll need to combat these attacks in the coming year.

© 2016, David Stelzl

 

verneLast month I was interviewed by Verne Harnish, The Growth Guy and author of Scaling Up…

Our topic was security. This month Verne published an article in Fortune drawing from our interview… You can read it right here:

http://fortune.com/2016/03/21/business-fight-cybercrime/

© 2016, David Stelzl

.

Planning: Day 1

December 12, 2012 — 2 Comments

magnifyingglassLast week I invited a select group of business owners to my home for a time of teaching, planning, and goal setting for 2013.  This week I am taking some time to walk through this process with my own business; something I do three times each year (every 4 months).

Verne Harnish

Verne Harnish, in his book, Mastering the Rockerfeller Habits, writes about rhythm – one of the three success factors of business alongside priorities and data (access to key metrics he refers to as smart numbers and critical numbers).  The rhythm he speaks about is found in a series of meetings that happen daily, weekly, monthly, and quarterly.

Steve Dulen

I recently heard a very successful business man (Steve Dulen) speak on taking sabbaticals.  He said, “I live from one sabbatical to another.”  His point wasn’t that he is just wasting his time waiting for the next one, but that his planning process if built around achieving goals that focus on the next 4 months, and then he’s off measuring and course correcting for the next 4 months.  I’ve done this now for two years and it has proven to be extremely beneficial.

Jack Welch

In Harnish’s book, he recommends following GE’s example of setting a far reaching goal, for instance 25 years out.  This is where you are headed long term (or what I refer to as your long term vision).  Once your vision is in place, you should then turn your attention to 90 days (1 Quarter). Harnish argues that, after 90 days, nothing really matters.  Focus on the short term, execute well, and then regroup for the next quarter.  At each point, make sure you know where you are, and where you need to go.

How My Version of  Rhythm Works

I have chosen to do this every 4 months, rather than 3, but the key here is rhythm.  By getting into a rhythm of every 4 months, I don’t have to think about when to do this.  The time is set, as is the process.  This week I will work through a process I’ve developed that includes reading, listening, reflecting, and brainstorming.  As I go along I am writing down goals and refining where I am headed over the next 4 months.  I’ll consider things that are working, and things that are not.  I’ll look at market conditions, the best use of my time, partners and employees, and key clients.  I also look at my person life, spiritual life, and every factor that affects the important areas of my life.  By establish in routine to work through as I go through the day, I end up using my time efficiently.  I may refine the process, but essentially its the same thing each time.   This cycle repeats as I work through questions I have, past goals I have set, and needs I have identified.  At the end of my planning period I will have refined my vision, set my goals, understood my metrics, and identified those things that need to change.  I will also be refreshed and  ready to take on the next 4 months.

What Does Your Process Look Like?

If you don’t have a process to plan your year, you need one.  Companies that plan well tend to outperform those that don’t.  My process will take me through to Friday – and after spending three solid days on planning and strategy, I should have a pretty clear picture of where to spend my next four months.  (Note: I do this out of the office to reduce disruptions – this also becomes a great time of rejuvenation).

© 2013, David Stelzl