This post began as a note on Slack, but given the length and subject matter, I decided a blog post would be more appropriate. Brian Krebs did a fantastic job, as usual, in his Sept 5 article on cryptocurrency thefts that may be connected to the 2022 LastPass breach (or possibly breaches). To be clear, I write “may” because I have no involvement or first-hand information, but in my...
Part 2 of 4: The BCP
A Business Continuity Plan (BCP) is essential to protect your business from human and natural threats.
Part 1 of 4: The BIA
This is the first video in a series covering four important and related topics with an emphasis on small business: Business Impact Analysis (BIA), Business Continuity Plan (BCP), Disaster Recovery Plan (DRP), and Incident Response Plan (IRP).
Home Depot: Hammers, nails, and breaching our privacy – again!
A recent investigation by the Office of the Privacy Commissioner of Canada into Home Depot of Canada Inc. has found that Home Depot failed to obtain customer consent before sharing personal data with Meta.
Vlogmas Day 29: Do you “like” your privacy?
Privacy discussions often revolve around the use and abuse of personal information by governments and corporations. While global surveillance is a serious concern, and some corporations abuse the information entrusted to them, the fact remains that most Internet users happily hand over their private information and allow companies to use it in exchange for “free” services.
Vlogmas 2022 Day 28: Interview with Jerry Bell on Mastodon
In today’s episode of SecurityGuy, I discussed Mastodon and the fediverse with Jerry Bell, a Chief Information Security Officer and the administrator of infosec.exchange.
Vlogmas 2022 Day 27: Interview with Ahmed Masud, CEO of saf.ai
In today’s episode of SecurityGuy, I speak with my friend and colleague, the co-founder and CEO of Saf.ai, Ahmed Masud, about saf.ai’s flagship product Resiliate, which applies cutting-edge AI to protect data against unauthorized access and changes, data corruption, and data exfiltration. Among other things, Resiliate provides cost-effective defence and rapid recovery from ransomware...
Vlogmas 2022 Day 26: I hate passwords!
While speaking at the 2004 RSA Conference, Bill Gates predicted the demise of passwords, saying, “they just don’t meet the challenge for anything you really want to secure.” In 2011, IBM predicted that within five years, “you will never need a password again.” The death of passwords has been predicted by many people. We’re still waiting…
Vlogmas 2022 Day 25: RAID is not a backup
Many businesses make serious mistakes that place their data at unnecessary risk. These mistakes often stem from a fundamental misunderstanding of storage technologies. Redundant Array of Independent Disks, more commonly referred to by the acronym RAID, is an approach to data storage virtualization that combines multiple physical disk drives into one or more logical storage volumes. Depending on...
Vlogmas 2022 Day 24: LastPass Breach
Over the past few days, we’ve learned that the LastPass breach disclosed in August 2022 was much worse than previously reported. Here’s my take on the situation, what you need to know, and what to do about it.