CYBER SECURITY INFORMER - news and tips to help you stay safe online and protect your network

Cyber Security Lessons From Business School

What are they teaching the business leaders of today and tomorrow about being able to assure their customers that their private data is protected? This week, we're getting an education in cyber security from the Sauder School of Business at the University of British Columbia about things companies can do to help build security to instill consumer trust and confidence.

Cyber security tips from Sauder School Dean, Daniel F. Muzyka, from his recent column in the Globe and Mail include:

• Make sure security awareness exists and is maintained. Realize that users are generally rational actors: Give them incentives for good behaviour.
• Keep up with the technology. New hardware offers new solutions, including fingerprint readers that secure laptops.
• Remember the human element. People often avoid doing this because they worry, ironically enough, that it will harm their computer. It shouldn't be this way. Organizationally, patches can be supported by understanding them, testing them, and disseminating them efficiently and quietly with help available for those with difficulties.
• Don't collect data you don't need: You can't lose it if you don't have it.

Sauder School Associate Professor of Management Information Systems Hasan Cavusoglu offers the following advice for companies looking to improve their security:

• Cyber security awareness ust be presented in creative ways to get attention. Don't just give rules, because rules get broken. They have to understand what they do is also affecting themselves. For instance, employees should be made aware that their promotions and bonuses will depend in part on how they’re handling information security. Money is very tangible and a very effective way to change behavior.
  
• Make employees aware with literature about cyber crime and the legal consequences. Employees will know that if they are caught violating cyber security, they will get into trouble. Organizations should use these "carrot and stick" tactics at same time.

For more answers to common security questions appropriate to your role in the organization, feel free to contact Boonbox directly at info@boonbox.net

Cyber Security and Your Business - BBB Seminar

A security breach could even lead to the closing of your business, so you need to know how to protect your business and customers at the same time. Vaclav Vincalek, Pacific Coast Information Systems (PCIS) Ltd. President, will equip you with these protective tools.

It’s not enough for owners to harden their network and build security into their online applications, says Vincalek. “In an instant, an employee, partner or customer just surfing the Internet on trusted sites can open up companies to a world of hurt. It’s not just the loss of reputation and regulatory fines companies need to worry about. The immediate loss of revenue from a shut-down in business operations is something that all companies have to learn how to avoid.”

Some of the advice for owners covered in the presentation may seem unorthodox and extreme, but an evolving threat demands strong counter-measures. “Why give your employees Internet access?” Vaclav asks. “Does it meet your business needs?

We need to start challenging assumptions that are endangering our companies and provide solutions that businesses can use right now.”

At this presentation, you will learn:

• How and why cyber criminals target your business
• The consequences of a web security breach
• How effective network security, web security and identity management tools and practices can protect your business assets and your customers' privacy

Date: Thursday, May 28
Agenda: 8—8:30 am: Registration and refreshments
8:30—10:30 am: Seminar and Q&A
Cost: BBB Accredited: $25/person
Non BBB Accredited: $45/person
Location: 150 900 Howe Street, Vancouver, BC
Register: Call 604.685.7226     Fax 604.681.1544     Email Susanh@mbc.bbb.org

May 19, 2009

Check out Cyber Security Informer Back Issues

Cyber Security Informer is distributed by:

Pacific Coast Information Systems Ltd. (IT Consulting)

Boonbox, a division of PCIS (Security Packaged Services)

Contact PCIS

Toll-free 1.877.744.7558

In this issue:

* Cyber Security Lessons From Business School

* Cyber Security and Your Business - BBB Seminar

* Hacker Bait 

* Ask A Security Expert

Cyber Security Informer provides security news and tips to help organizations protect their business and their customers. 

Give us your feedback about Cyber Security Informer

Name

*

Company

*

Phone

*

Email

*

Feedback

Please tell us how you found out about PCIS

Please Select One - - - - - - - - - - - - - - - - - - - We've done business with PCIS before A PCIS representative contacted meWord of MouthSearch EngineLink on another websiteNews Article or PublicationPrint AdvertisementOther

 Resources Links:

• Join the discussion about tech trends and IT security on the Pacific Coast Informer Blog
• Types of IT Security Threats and their Consequences
• This Site May Harm Your Computer - How to Remove the Google Website Warning

Hacker Bait

The latest Hacker Bait list contains highly trafficked websites that have been found to have vulnerabilities that hackers and cyber criminals could exploit. 

This is not a complete list of all vulnerable sites on the Internet, but only represents websites where vulnerabilities were found within the past 90 days. These are only the latest additions to an ever-growing club of sites found to be insecure according to various public sources and online tools used in the web security industry.

If you would like more information on our data and why these sites are listed here, please contact PCIS

Hacker Bait Sites With Vulnerabilities Discovered in Past 90 Days

Ask A Security Expert

"What is a phishing scam?"

Phishing typically involves someone sending an email that exploits the recipient's trust to get them to click on a link that will eventually result in identity theft. The link is essentially bait (as in, fishing bait) that will lure potential victims to an unfortunate end.

How does it really work? There are a number of methods phishers use. Some phishers will create a fake social networking profile, or just a new email account, in the name of a person you know. You get an email with a link stating they've updated their address or inviting you to check out some content on their site.

Clicking on the link provided takes your browser to a page the hackers can use to steal your information, which nonetheless appears to be the kind of harmless site you expected to see. It is easy to create sites that look very professional and virtually indistinguishable from the real page it is modeled on (assuming you know what that looks like). Next, you fill out a form and now the hackers have what they need to start using your information.

One way to help avoid this is to hover your cursor over hyperlinks to see if they match the link you're expecting to see. If you have any doubt about a link, try contacting your friend or colleague through another means (the phone, perhaps?) and just making sure the sender and the link are valid.

Boonbox and Pacific Coast Information Systems Ltd.

Boonbox is a division of Pacific Coast Information Systems Ltd., specializing in products for web security, network security, password management and data backup.

PCIS is a Vancouver-based company which provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America.

HOW TO SUBSCRIBE/UNSUBSCRIBE

SUBSCRIBE: To subscribe to Cyber Security Informer, send a blank email message with subject line "SUBSCRIBE" to informer@pcis.com

UNSUBSCRIBE: If you do not wish to receive future issues of Cyber Security Informer, send a blank email with subject line "UNSUBSCRIBE" to:informer@pcis.com and we will promptly remove you from our distribution list.

WE WANT YOUR FEEDBACK

Our purpose for providing this free service is to keep our clients and business contacts informed of technology developments. This information can help them resolve common problems and achieve their full potential by strengthening their business processes and infrastructure. Your input is important to us and we welcome your ideas for new features and how we can continue to improve our service to you. Send your comments and suggestions to informer@pcis.com or contact us directly at 604.844.7558