Insecurities About Security.

Guilty as charged, I admit I do shit about protecting myself from viruses and theft as it relates to my digital life. I know I am not alone, and most companies are as guilty in exposing themselves to cyber vulnerabilities as their professionals.

As more and more cyber thefts occur, it seems as if as a society we are getting immune to what seems like daily headlines of massive digital breaches, which is nuts as more and more of us are sharing and posting more and more about our legs than ever before.

Again, I plead guilty as charged for not being more mindful of this myself.

But not my friends at Sax, LLP who are on a mission to try and help corporations with protecting themselves. And so when I heard about their latest Webinar on The Dark Web, I was fascinated to learn more.

Here are the excerpts from my conversation with John Murphy, Head of Business Development, Sax LLP and Matthew Hahn, Chief Technology Officer, Sax LLP…

WHAT IS THE DARK WEB? The entire World Wide Web is made up of three main components: The “public” web which makes up about 4% of the Internet and consists of the information you will find via search engines like Google and Bing; the “deep” web which consists of 93% of the Internet, and is made up of sites that hold information but are secure, such as medical records, government reports, company and school intranets, and pages behind paywalls; and, the “dark” web which is a buried layer of the Internet that makes up about 3% of the World Wide Web.  The Dark Web is made up of hidden websites that revolves around complete anonymity and requires specific software and knowledge to access.  Because everything done on the Dark Web is untraceable, it is a breeding ground for illegal activity that includes drug sales, stolen identities, human trafficking, hit men, and more.

WHY SHOULD COMPANIES BE CONCERNED ABOUT IT? It contains blatant crimes and heinous acts, and truly is a dark space that most people should stay away from.  However, the very existence of the Dark Web threatens businesses greatly.

The Dark Web is the black market of the internet, and where you trade stolen information for money.  With that and coupled with complete anonymity, hackers in-turn make a profession out of breaching networks and stealing data to sell.  Companies are a primary target of hackers because of the wealth of sensitive information their networks hold, including their employee and client data.  Stealing and selling information like Personally Identifiable Information (PII) and Protected Health Information (PHI) can be very lucrative for hackers.  To put it into perspective, one person’s driver’s license number can run about $20 on the Dark Web; one user’s login credentials for an online payment service such as Paypal can run around $200 each; and selling the medical records for one person can put more than $1,000 in a hacker’s pocket.  With that, hackersare more inclined to breach businesses because they give hackers a large amount of data at one time.

Another reason why companies should be concerned about the Dark Web is because it takes only one employee to click on one disguised email from a hacker to put the whole company at risk.  Hackers are becoming more clever and developing new ways into networks every day. It is imperative that business owners not only make themselves and their employees aware of these threats, but also train staff and implement the proper barriers to secure their company.

WHAT ARE SOME OF THE WAYS COMPANIES CAN PROTECT THEMSELVES WHEN THERE ARE SO MANY CYBER ATTACKS? For starters, they should attend our DARK WEBinar on November 29th . Also, it’s imperative that business owners do not turn a blind eye to the threat of breaches.  Cyber attacks are unfortunately here to stay, and breaches are becoming more severe and more sophisticated as hackers are penetrating networks at an unprecedented rate. You can see this with the breaches of company giants like Verizon, Amazon, Ebay, Bank of America, and Target to name only a few.  Companies can protect themselves by having a strong security posture with respect to current technology.  In addition, we always recommend security education and training for end users to help mitigate cyber threats.  It comes down to People, Passwords and Processes. Company employees are on the front lines when it comes to receiving phishing emails from hackers or phone calls (yes, hackers are starting to cold call looking for employee credentials).  Human error is the number one cause of a security breakdown, and it only takes one error to be completely compromised.

This is what technology providers like Sax Technology Advisors specialize in, because it requires specific attention and knowledge which most IT teams are not equipped to do. We implement the latest trends in security, provide security awareness training to employees, and keep a finger on the pulse of the dark web activity through our continuous monitoring solutions in order to stay as proactive as possible when a breach does occur – because it most likely will.

WHAT IS THE OBJECTIVE OF THE SEMINAR? In short – to provide people with valuable knowledge and best practices to begin fortifying their businesses and network. We recognize the mystery behind the Dark Web, and that many people only hear about it but do not fully understand what it is and why it exists.  The purpose of our DARK WEBinar will be to provide a detailed description of the Dark Web to our attendees, and explain what it is, how it is used, who uses it, and why. We will also go over how to avoid breaches and best practices for password security to keep your company credentials from being compromised and ending up in the hands of hackers on the Dark Web.

TELL US ABOUT SAX TECHNOLGY ADVISORS.WHO ARE YOUR CLIENTS AND WHAT SERVICES DO YOU PROVIDE? Sax Technology Advisors is a full service Managed Services Provider. We provide network managed services, security programs from end user awareness training to artificial intelligence solutions, as well as extending expertise in business continuity and disaster recovery strategies.

Our clients range from 10-250 users. We do not focus on any particular vertical which allows us to service a wide range of clients. We do work with companies who have regulatory compliance like GDPR, PII, PCI, PHI, and others like ALTA (American Land and Title). More and more industries are recognizing the need to have a minimum set of standards to address security, and as people understand how vital these measures are to the longevity of their company, Sax Technology Advisors will be here to help them navigate through the maze of solutions that works best for their business and their technology needs.