Roger Smith

Why is it so hard to fix business security?
LinkedIn
September 15, 2018

The responsibilities that boards and management have in today business world are scary.
All the old requirements, of which there are a fair number, are being overshadowed but not replaced by new business insights based on compliance, regulations, ethics and risk.
The old issues and problems have been taught in universities and through the school of hard knocks for years. The new problems are only becoming a reality now. In most cases boards and management are playing catch up.

What is wrong with today’s managed service providers?
Self
September 13, 2018

In the last 3 weeks we have had a number of new clients, thanks to our sales team, come to us with a problem.

Their problem is that their Managed Services is costing a fortune but they do not seem to get anything in return.

Not that they are not getting support, the problem is that the support they are getting is not noticeable. It is hidden behind service level agreements (SLA) that promote remote work, reporting based on vanity metrics and no contact except through email, SMS or phone.

If you want someone on site, well, that’s an extra cost. It should be included in the SLA because it is not the client’s fault that your skills do not fit the requirements and they should not be paying for your learning curve.

The results are in - we suck at business security!
Self
September 01, 2018

Last week I was having a go at the managed services industry, this week it is small and medium business and not for profit organisations turn.

The information from the most recent surveys on cybersecurity is in, Telstra and Security in Depth have completed their surveys and it is not looking good for SME's

Some of the stats from the survey are:

60% of all targeted cyber attacks were aimed at SME's

Why organisations need to change to OFFENSIVE SECURITY to protect their assets.
Self
August 08, 2018

Compliance led soft security is failing.

It leave too many unknowns, creates unpredictable situations and give a false sense of security.

In most cases it just does not work.

But, it looks so good on paper.

If your business security relies on a form, completed by anyone who is available, then the problems associated with a cyber event are not being taken seriously.

Lets face it, if the hackers are saying this,

‘it is not the case that we are so smart, but more a case of the average organisation is deploying inadequate security’.

Then we have a problem with our reality.

When it comes to cybercrime, protecting 100 clients should be no different from protecting 1,000,000
Self
July 22, 2018

The bulk of cybercrime and cyber events in the news are focused on large multi national organisations and government departments.   Newsworthy events are in fact always newsworthy.

These are the organisations we hope and believe are focused on protecting the information that we unwittingly give them through our interaction.

An attack on them makes for great copy.   But, the overall problem with cybercrime and cyber events is not the big fish.   The big fish are known to have millions of records that should be protected from a cyber attack.   Not protecting them reflects in spectacular thefts and large scale reputation failures.   Newsworthy events!

How do you handle the "insider" threat?
LinkedIn
July 14, 2018

The internal “spy” - the insider threat
The hardest attack to defend against in cybersecurity.
There are three types of spy

In today's world, why do you need a good backup!
LinkedIn
June 30, 2018

The focus in todays business world is all about using, collecting and managing data.
Every organisation is collecting information about their customers and clients. Who they are, what their likes and dislikes are, how interested are they in the products and services, that you sell. All of this information is stored somewhere.

Why we think we are immune to cybercrime!
LinkedIn
June 09, 2018

"As a person, you would not be particularly worried about a trained Ninja accosting you on the street or jumping out at you in a dark alley and beating you senseless.

Business security needs a quantum attitude change!
LinkedIn
June 03, 2018

The digital world is rife with huge problems mainly derived from the attitudes of the people using it.
The single utterance of “I am too small to be a target” is a good place to start.

Why do we have the stereotypical attitude that ICT = Cybersecurity
LinkedIn
May 28, 2018

For the last 15 years, ICT departments have been seen as the leading lights when it comes to security. It is no longer their job and their job alone...

Why do we have the stereotypical attitude that ICT = Cybersecurity
LinkedIn
May 28, 2018

I was recently at a networking event, where everyone was delivering their pitch and listening to everyone else's.

Cybersecurity, why we have to change, NOW!
LinkedIn
April 08, 2018

Starting to feel like a broken record, But, why do we have to change our attitude to cybersecurity? , “Kicking soapbox along”

Cybersecurity - we still have the wrong focus!
LinkedIn
March 04, 2018

With the expected $660 billion loss to cybercrime this year, we definitely have to change our understanding, our focus and most importantly our attitude when it comes to business security and cybersecurity.

When it comes to Business Security, why do we all want to do it ourselves?
LinkedIn
February 04, 2018

Good at your job?
So good in fact that you are doing everything right.
You have the education, experience and drive to make your dream a reality.

The insider threat, the hardest cybercriminal to keep out!
LinkedIn
January 13, 2018

The internal “spy” - the insider threat
The hardest attack to defend against in cybersecurity.
There are three types of spy

Are big business, politics and government being outpaced by the digital world?
LinkedIn
December 24, 2017

Disruptive technologies are splintering society. Changing the way that people think, act and communicate.

Why is there so much CRAP on the internet?
LinkedIn
November 27, 2017

I recently overheard one of my brighter students comment that if you are only researching using the internet then you are not getting the facts.

In some cases you are getting facts out of context or they are out and out lies.

Why our understanding of illegal has to change!
LinkedIn
November 27, 2017

That was a comment I got from a student recently when I was doing a demonstration of hacking an exploit and taking a picture of the class.

How simple is it to perpetrate a cybercrime?
LinkedIn
November 27, 2017

We have bad rabbit, equifax, NSA, Ashley Madison, Sony(x2), Mirai and Eternalblue in just the last 12 months and everyone of them will have a significant impact on anyone who had information in those systems.

Why is one dimensional business security still sold?
LinkedIn
November 11, 2017

To protect your organisation a number of questions have to be asked, they have minimal involvement from the IT world, they are all fact based and relate to risk management.

Is our attitude to the digital world the same as our attitude to science 1000 years ago?
LinkedIn
November 04, 2017

Artificial intelligence, machine learning, robotics, drones and 3D printing, technologies that are going to change the world, once again.

Digital transformation and the Cybersecurity envelope
LinkedIn
October 30, 2017

Digital transformation - the new catch phrase of organisations. Bleeding edge systems that have started to be used in business!
It allows business to do things faster, better and with more control than ever before.

Patch management - when can you find the time to patch and why it is a problem!
LinkedIn
October 20, 2017

The Equifax issue has highlighted the importance of patching and patching systems within a timely period of time.
In today's world, especially in large organisations, this simple process becomes highly controversial and difficult.

Security experts needed, but are we listening!
LinkedIn
October 09, 2017

We are a necessary evil because we say and do things that people think only we know how to do it and the bad guys would never do that.

What every CEO and CIO should know about cybersecurity
LinkedIn
October 01, 2017

The problem with cybersecurity is it is not sexy.
In most cases it is down right boring.
Although not sexy and down right boring it is still something that every CEO, manager, owner and board member has to focus on.

We are constantly reminded that the digital world is unsafe but are we listening?
LinkedIn
September 16, 2017

Cyber attack after cyber attack.
This company has been breached.
That information has been leaked to the Dark Web

Shiny and new is great but don’t forget security!
Self
July 01, 2011

If you remove these restrictions then any organisation can be secure.

To change our attitude we have to do something to protect the organisation. That something is focus.

Using a framework allows them to focus on each little thing that when combined with all of the other little things builds into a way to protect the organisation.

How do you handle the "insider" threat?
LinkedIn
July 14, 2018

The internal “spy” - the insider threat, The hardest attack to defend against in cybersecurity. There are three types of spy

CyberCrime - A Clear and Present Danger The CEO's Guide to Cyber Security
Lulu
July 01, 2014

Every business has something it needs to protect. Whether it’s top-secret IP, an exclusive client list, or a secure payment portal, your data is what sets you apart from the competition. But most businesses aren’t doing a very good job of protecting what’s theirs.
The digital world is changing fast—and cybercrime is changing with it. Whether it’s a 12-year-old “script kiddie” crippling your website with denial-of-service attacks, or a master hacker targeting a project leader with phishing e-mails, the bad guys have dozens of clever and creative ways to take your assets.

The Basics of Business Information Security
Lulu
July 01, 2011

How normal people can understand the complexity of cybersecurity.

Cybersecurity Excellence Awards educator of the year
Cybersecurity Insiders
January 25, 2018

Great ICT v's Cybersecurity
Self
July 09, 2018

The digital world is having a significant impact on society as we know it.
It's the same in business, we are adopting platforms, systems and technology faster so that we can get that edge over our competitors.
Over our rivals.
One of the largest problems is understanding what we are collecting, where it is being stored, who has access to it and who is authorised to use it.
Changes to governance and compliance, if not already, will have an increased impact on SME’s, large corporations and multinational organisations worldwide.
More and more people are getting concerned about what we, as organisations, are doing with the information we are collecting.

Roger’s Security and Compliance Guide - white paper
Self
July 01, 2015

As a small and medium Business and not for profit organisation this white paper looks at the understanding that needs to be achieved to protect your business and company data from being compromised

When it comes to cybercrime, protecting 100 clients should be no different from protecting 1,000,000
Thinkers360
July 24, 2018

The bulk of cyber events in the news are focused on large multinational organizations and government departments. Newsworthy events are in fact always newsworthy.

These are the organizations we hope and believe are focused on protecting the information that we unwittingly give them through our interaction.

An attack on them makes for great copy. But, the overall problem with cyber events is not the big fish. The big fish are known to have millions of records that should be protected from a cyber-attack. Not protecting them reflects in spectacular thefts and large-scale reputation failures. Newsworthy events!

Large organizations have the expertise, the finances and the understanding that they have to protect their client’s information in the best way possible. SME’s do not!

How many SME’s have gone out of business after a cyber event is unknown. Some of the statistics are available, but not many are focused on whether it was poor management and cash flow or a cyber event that damaged their business to a point where it was unrecoverable.

Did it put them out of business?

One of the things I discovered a couple of years ago is the way the cybercriminal works.

There is a large correlation between the script kiddies and the true hackers, one that is not really known, but every now and then becomes visible.

The Internet is a great resource. It is a great resource for us, but it is an even greater resource for the budding cybercriminal. The Internet can put the budding script kiddy in contact with the true hacker. That contact can be very problematic for SME’s.

What are my targets, after a little research - SME’s with access to trusts, intellectual property, large amounts of cash or the new one, critical infrastructure?

These targets have reduced business intelligence, lack complex systems, lack digital expertise, but more importantly have a blaze attitude to security.

You know the attitude well - it will not happen to me, we have nothing worth stealing or she’ll be right.

Will an SME survive having its trust fund drained - probably not!

Protecting our digital assets is no longer a multinational organization’s problem, it is everyone’s problem, everyone with a digital device has the problem and has to be part of the solution.

http://business-security.com.au/when-it-comes-to-cybercrime-protecting-100-clients-should-be-no-different-from-protecting-1000000/

Cybersecurity as it relates to business capability

Location: Australia    Date Available: August 01st, 2018    Fees: 1,500 - 10,000

Submission Date: August 07th, 2018    Service Type: Service Offered

Protecting business from a cyber event is all a process. Understanding and implementing that process is how SME's avoid a cyber event.
Let me show you how