loader from loading.io

Welcome! IBM/Ponemon Study on Data Breach Cost plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Release Date: 08/08/2020

Welcome! Why Hackers Like Outsourced MSPs plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Why Hackers Like Outsourced MSPs plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig explains why Hackers have found a new target that they love and why it might put you in jeopardy. For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Welcome everybody. Hey, if you think that your IT being outsourced is going to somehow protect you from the bad guys. Unless they are a security service provider, I've got some news for you. Hello everybody. Craig Peterson here. A welcome and glad you joined us here on news radio 98.5 And AM 560. I also want to remind...

info_outline
Welcome! Cybersecurity Spending - The numbers plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Cybersecurity Spending - The numbers plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig puts into perspective cybersecurity spending and how much you should be looking to spend based on certain criteria. For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] This talk of MSP outsourced IT providers.  Brings up a really great question. How much should you be spending on security in a business or at home? Hey, you're listening to Craig Peterson here on WGAN 98.5 FM and AM 560. You can also hear me every Wednesday morning with Mr. Matt Gagnon and, he and I...

info_outline
Welcome! China and An EMP - Could it happen plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! China and An EMP - Could it happen plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig discusses Electromagnetic Pulse as it relates to the DHS warning that China might be planning something around our election. What would it mean? How would we deal with it?  For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] If you're not familiar with the Carrington event, stick around because the odds are great we're going to have to live through another one of these. Even though it's been more than a hundred years, we're going to talk about EMP attacks and a real...

info_outline
Welcome! Nation-State Election Interference is about Chaos plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Nation-State Election Interference is about Chaos plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig explains Nation-state Election interference and what is more likely just spreading Chaos and distrust. For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Of course, we talk a lot about Russian hackers, Chinese. Iranian, and it goes on and on North Korean, we're going to talk right now about our elections. 2020 a very big year. What's Russia up to, and what's the US doing about it. You're listening to Craig Peterson here on News Radio 98.5FM and AM 560. You can also listen...

info_outline
Welcome! Your Privacy and Security Concerns of Tele-Health plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Your Privacy and Security Concerns of Tele-Health plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig explains Why you should be concerned about your private health information when using a Telehealth application.  For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Coming up in this hour, we're going to be talking about some of these cyber risks that are really exploded because of the telehealth services. We'll tell you about that. And online voting. Price gouging and defective products rampant on Amazon. Hey, listening to Craig Peterson on news radio 98.5 FM and AM...

info_outline
Welcome! Voting technology and why We Won't have Online voting for some time plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Voting technology and why We Won't have Online voting for some time plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig explains Voting secrecy and privacy and why online-voting is not ready for prime time and how Mail-in voting is ripe for fraud.  For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] We're about to talk about online voting. I know you've heard a lot about the Mail-in voting, right? Both sides of that, as well as the regular voting booths and stuff. But we're going to talk about on-line. Hey, of course, you're listening to Craig Peterson here on news radio 98.5 AM and AM...

info_outline
Welcome! Amazon Marketplace and third-party sellers plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Amazon Marketplace and third-party sellers plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig explains third-party sellers on Amazon and why it is not all it is being made up to be and why? For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] You've probably been shopping online and some of these retailers include some of the biggest ones out there have been price, gouging, us, and shipping defective products. We'll talk about who and why and what you can do. Hey, welcome back everybody. Craig Peterson here, he listening to news radio 98.5 FM and AM 560 thanks for...

info_outline
Welcome! Professional Ransomware is Here plus more on Tech Talk with Craig Peterson on WGAN show art Welcome! Professional Ransomware is Here plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Welcome! Craig explains the new Corporate face of Ransomware called Ransomware-as-a-Service or RaaS.  How it works and what it means for you the small business owner. For more tech tips, news, and updates visit - CraigPeterson.com --- Read More: --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Odds are pretty good, actually that you've already been hit with ransomware. Raise your arm if it's happened to you, put your hand up. Yep. Yep. I see you. it has gotten a lot worse lately. You're listening to Craig Peterson right here on news radio 98.5 FM, AM 560,...

info_outline
AS HEARD ON: WGAN Mornings News with Matt Gagnon: Voting Technology and What we can and cannot do to Have Secure Elections and How Nation-State Actors hope to interfere show art AS HEARD ON: WGAN Mornings News with Matt Gagnon: Voting Technology and What we can and cannot do to Have Secure Elections and How Nation-State Actors hope to interfere

Craig Peterson - America's Leading Security Coach

Good morning everybody! I was on WGAN this morning with Matt Gagnon and we began with talking about Online and Mail-in Voting and some of the technical problems with those forms of voting, then we got into what the big Nation-States are hoping to do during this election cycle up to and including the possibility of launching an EMP and what that could mean for us in the US. Let's get into my conversation with Matt on WGAN. These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: [00:00:00] Could put us back to those 18...

info_outline
AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Voting and Technology - Online and Mail-In, Oracle and TikTok, show art AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Voting and Technology - Online and Mail-In, Oracle and TikTok,

Craig Peterson - America's Leading Security Coach

Welcome! Good morning, everybody. I was on WTAG this morning with Jim Polito.  He had a few questions about Voting and the Technology surrounding Mail-in and Online Voting and then we got into the sales of the Chinese company ByteDance to Oracle. Here we go with Jim. For more tech tips, news, and updates visit - ---  Automated Machine Generated Transcript: Craig Peterson: [00:00:00] They've been using some of our drone footage, which is why these Chinese drones are illegal to use for government contractors and many others. Good morning, everybody. Craig Peterson, here. I am enjoying...

info_outline
 
More Episodes

Welcome!

Craig discusses the Cost of Data Breaches and IBM/Ponemon Institute Study and why Credential theft is a pre-eminent form of Cybercrime.

For more tech tips, news, and updates visit - CraigPeterson.com

---

Read More:

Average Cost of a Data Breach: $3.86 Million

The Future's Biggest Cybercrime Threat May Already Be Here

Election Interference: Google Purges Breitbart from Search Results

Google Has Been Purging Breitbart Content from Search Results Since the 2016 Election

Heads roll at Intel after 7nm delay

Out-of-Date and Unsupported Cloud Workloads Continue as a Common Weakness

Three people have been charged for Twitter’s huge hack, and a Florida teen is in jail

Remote Work Isn’t Working? Maybe Your Company Is Doing It Wrong

FBI Releases Flash Alert on Netwalker Ransomware

Electric car startup Lucid is challenging Tesla’s anti-lidar stance

---

Automated Machine-Generated Transcript:

[00:00:00] Welcome back, everybody we're talking right now about IBM's latest data breach report. What does it mean to businesses and you as a home user?

Of course, this is Craig Peterson that you're listening to. You can get my weekly report by just going online. I have a newsletter. We have a whole ton of great information available for you. So check that out, make sure you subscribe and I've got well, it's like four different free gifts. One of them is the most coveted gift that I've given out.

I've had so many great compliments on it and that's your security reboot guide, but you'll get that. If you sign up Craig Peterson.com/subscribe, I think you're really, really going to like it. So we were talking about the IBM report before the break.

[00:01:00] Let's complete that. Now, this is the cost of a data breach report, 2020, and it was done by the Ponemon Institute.

And then IBM did some analysis on it. So let's look at the average total cost by security automation level. Fully deployed 2.4, $5 million. So if you fully deploy your security, if you have everything, your security team tells you. Yeah, you need a breach is going to cost you about two and a half million dollars.

If you've partially deployed like My customer here who had the breach coming in via Mexico. And so we had some stuff there, but not everything that we had recommended. And there is actually required by the federal regulations he's supposed to be abiding by partially deployed the cost jumps from 2.4, 5 million

[00:02:00] to 4.1, $1 million, the cost of a breach.

So let me see right there. You save yourself almost $2 million, which is more than what it would cost you to do this, right? If you're a small business and then not deployed at all, a breach is going to cost you about $6.03 million. Absolutely incredible. Now, where are the main parts of this cost while the customers personally identifiable information. So that's things like there, their name, their email address, their phone number, a bank account numbers, maybe social security numbers maybe credit cards. Right? All of that is called PII and it's the stuff that should not ever be disclosed. So if you're a consumer, you kind of expect the business to keep that information confidential, right?

Well, Oh,

[00:03:00] here we go. Breaches that have customer identifiable information account for 80% of all of the breaches. Isn't that sad? So 80% of the time when there's a breach, somebody's personal information is stolen. And the average cost per record customer record in a malicious attack is about $175 in case you're not aware of it.

If you're a retailer. A retailer is to find incredible amounts. I think right now it's a minimum of $125 per credit card that they've taken. If it's breached and they have credit card information on their systems. That's a lot of money, but on average it costs about $175 per customer record. That's stolen next up here on the screen green, and you'll find this online

[00:04:00] again by searching for IBM and their 2020 data breach report, compromised credentials, and cloud misconfiguration.

Lead the way, well, compromised credentials. Hmm. What would those be? But how about you or username and password more and more businesses are moving to the cloud. And if you are using the same email address and you're using the same password yet, you knew what I was going to say. Didn't you for your accounts?

You're in trouble. And that's why I keep reminding people that they should go to have I been poned.com to check and see if their email address has been stolen and a breach I'm playing around, by the way, I almost guarantee it has unless you've got a very, very current email

[00:05:00] address. So 19% had these breaches came in through compromised credentials, other ways to do that.

Obviously nowadays fishing is a very, very big way that does some of this data is stolen, but these were the most expensive initial tech vectors, compromised credentials, and cloud misconfiguration. Now, you know how much I hate VPNs right now, there is a need for them. Don't get me wrong. But. Almost always, it's more of a problem than the problem you're trying to solve using a VPN.

So one of the things we were talked about here just a couple of weeks ago was how the VPN data from, I think it was eight different VPN providers. Was found online, like 1.2 terabytes

[00:06:00] worth of personal information. Now, these are all VPN services that said we don't log we're not logging. Don't worry.

We're great. Here. You can trust us. We're secure and we're not logging. We're not selling your data. What was discovered online in a misconfigured cloud server? All of the places you had been your password in the clear text your username. So they, they now, now that data are stolen anybody that was using one of them is free VPN services.

And I caution you against the paid ones as well, but anyone that was using one of these free VPN services is out of luck because the bad guys have your username that you use and your password. So again, that's why I keep stressing, get one password. It's the best bar, none one password. I don't make a dime off of this.

Right. Uh, but one password

[00:07:00] and make sure you use different passwords every time and have one password generate them for you. I have one password generate passwords that are usually four or five words along. And then I have special characters between each one of the words, and those are almost impossible to crack.

It would take over a hundred years in most cases unless I'm using one of these VPN services that doesn't bother encrypting my password. My day, wasn't doing some sort of a Shaw hash or an MD hash or anything? No, no, no, no clear text. Okay. Uh, so 19% were from compromised credentials. 19% were from cloud misconfiguration and 16%.

We're from vulnerability in third-party software. So the costliest initial attack, vectors compromised credentials, number one. So keep that in mind, everybody on you, with your home

[00:08:00] user, you're a business user on that rudder heaven forbid you're using a consumer router and firewall in a business. Don't do it.

And in most cases, people never bothered to change the default username and password on their firewall. So bad guys get in 4.7, 7 million in dollars is the average cost with compromised credentials, amazing vulnerability and third party software, four and a half million dollars. And what does that tell you?

Patch. Remember when you're talking about Microsoft and you've turned on the automatic updates on windows, all it's going to update is windows and the core windows utilities. It's not going to update your Adobe software, uh, you know, your photoshop and whatever third party. You know, engineering

[00:09:00] software, drafting, software, whatever.

It's not going to automatically update them. And then it's so many businesses are saying, well, okay, you have to run Windows XP or have to run windows seven because I can't and get the latest version of the software. The company went out of business or it's too expensive. And then number three, cloud misconfiguration.

So both vulnerability and third-party software. And club misconfiguration accounts for about a four and a half million dollar breach each real big deal.

So stick around, we're going to go through some more here.

I enjoy being with you. Thanks for being with me. We will be right back.

You're listening to Craig Peterson.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553