May 26, 2019

Simple Steps to a Secure Password

If you’ve had to reset any of your passwords, you’ve run into the stricter requirements that all websites are now enforcing.  These requirements may include using both lower and upper case letters; using numbers; or using a symbol.  By incorporating these, your making a secure password, and  you’re helping to ensure the privacy of your information.

But how can these simple and effect steps create a secure password?

The longer and more complex your password is, the better.

With the increasing amount of online purchases and transaction, safeguarding your information is more important than ever.

Here are 5 other easy ways to help you create a more secure password.

1. Use a password phrase

  • A quote for your favorite movie, book, poem, or song:  ‘You’re gonna need a bigger boat’[1]
  • A famous saying:  ‘My fellow Americans’

2. Substitute numbers and symbols in place of letters

  •  Leaves of Grass  —>  Le@v3 of Gr4$$[2]

3. Create an acronym

  • ‘Toto, I’ve got a feeling we’re not in Kansas anymore’[3] —>  TIGAFWNIKA

4. Misspell or write your password backwards

  • Broadway  —>  Braodway
  • Broadway  —>  yawdaorB

5. Create a pattern on your keyboard

  • Make a zigzag pattern by using letters and numbers that are above or below one another for example, FT6yhu8IK

 


[1] JAWS, 1975

[2] Leaves of Grass, Walt Whitman

[3] Wizard of Oz, 1939

October Is National Cyber Security Awareness Month With A Message Of Action & Intelligence: STOP. THINK. CONNECT.

October 1 marked the start of National Cyber Security Awareness Month (NCSAM) for 2013, a U.S. initiative aimed at making sure everyone has the resources they need to protect themselves online. Zephyr Networks completely supports the number one goal of NCSAM: “Each and every one of us needs to do our part to make sure that our online lives are kept safe and secure.” Although  National Cyber Security Awareness Month is focused on both individuals and businesses, Zephyr Networks has seen the threats to the cyber security of small to mid-sized businesses becoming more and more dangerous in the past year.

National Cyber Security Awareness Month

Zephyr Networks is proud to quote from the About page on the National Cyber Security Awareness Month website that illuminates the mission of the project:

cyber security awareness, zephyr networks, network solutions

STOP. THINK. CONNECT.

Cybersecurity is the mechanism that maximizes our ability to grow commerce, communications, community and content in a connected world. / The Internet is a shared resource and securing it is Our Shared Responsibility… No individual, business, or government entity is solely responsible for securing the Internet. Everyone has a role in securing their part of cyberspace, including the devices and networks they use… If each of us does our part—implementing stronger security practices, raising community awareness, educating young people, training employees—together we will be a digital society safer and more resistant from attacks and more resilient if one occurs. 

When it comes to our clients, Zephyr Networks also would like to pass on the central message of National Cyber Security Awareness Month: STOP. THINK. CONNECT. What is key about this message is that it focuses on combining action with intelligence. STOP means take a breath and look at your cyber vulnerabilities and what needs to be done. This is what Zephyr Networks does with new clients when we first analyze their business model, their network security, their cyber security and computer systems.

THINK means diagnosis before treatment for us. Zephyr Networks does not offer a blanket program for every company that comes to us for help. Instead, we diagnose the specific problems each company faces, then we offer treatment that makes sense for that company. Our goal is to help your company, not spend your valuable capital on programs and technologies that will sit idle and do nothing to protect your cyber security.

Connect With Cyber Security Experts

For Zephyr Networks, CONNECT means work with cyber experts and network professionals who are on the cutting edge of the technology industry. Nothing changes faster in our society than technology and the Internet. By connecting with our clients, the tech experts at Zephyr Networks learn about their business challenges and their real needs. We protect your cyber security by first understanding your business, then providing a cyber solution that makes sense.

One of our main goals is the same as the mission of the NCSAM: “Take security and safety precautions, understand the consequences of your actions and behaviors online and enjoy the benefits of the Internet.” To learn more about how we can protect the cyber security of your company, call Zephyr toll free at (800) 884-7559 or fill out our handy contact form.

 

 

The United States And Japan Hold Bilateral Cyber Dialogue Conference On Cyber Security

In May of 2013, the United States and Japan held their first ever bilateral talks on cyber security and cyber defense. The focus of the Tokyo conference was the prevention malicious and intentional cyber attacks and data breaches. The genesis of the conference between the United States and Japan were the cyber attacks and data breaches by government-sponsored hackers traced back to China. Zephyr Networks fully supports such international efforts by states to address questions of cyber security and cyber defense.

Cyber Security, cyber defense, cyber dialogue

Cyber Security Leads To Bilateral Conference

Both the United States and Japan view such cyber attacks, including, hacking and the use of viruses, as a growing threat to national security. Being state-sponsored in China, the cyber attacks are becoming more and more sophisticated, demanding greater measures to ensure cyber security. The two-nation conference came in the wake of a report by the US Pentagon accusing China of cyber spying against the American government. Beijing naturally denies the allegations, saying it’s impossible to tell where the attacks originated.

Joint Statement From Cyber Security Conference

Here is an excerpt from the joint statement after the conference:

The U.S.-Japan Cyber Dialogue deepened bilateral cooperation on a wide range of cyber issues and strengthened the U.S.-Japan Alliance by:

  • Exchanging information on cyber issues of mutual concern and discussing possible cooperative measures.
  • Affirming common objectives in international cyber fora, especially the application of norms of responsible state behavior in cyberspace.
  • Supporting the development of practical confidence-building measures and the implementation of national whole-of-government cyber strategies in an effort to reduce risk in cyberspace.
  • Confirming support for the preservation of openness and interoperability enhanced by the multi-stakeholder system of Internet governance.
  • Coordinating cooperation on cyber capacity-building efforts in third countries.
  • Identifying actions governments and private sector entities can take to secure critical infrastructure.
  • Addressing the increasing role of cyber defense in national defense and security strategies and discussing new areas of bilateral cyber defense cooperation.

If Japan and the United States are able to turn these common objectives and goals into actual reality, Zephyr Networks believes the Cyber Dialogue Conference produced some real value. It will take time to see what happens, but without question as the hackers get more sophisticated, cyber security experts must do the same. If you want to learn more about how we can help your company with cyber security, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.

 

If IT Professionals Doubt The Cyber Security Of Their Large Companies, How Can Your Small To Mid-Sized Business Protect Its Valuable Data?

The cyber defense and cyber security of their own companies are not respected by a majority of IT professionals. Zephyr Networks was not surprised when it was revealed that IT Security Professionals do not have faith in the cyber security of their own companies. A survey conducted recently revealed that more than 70% of IT security professionals would not be willing to bet $100 of their own money that their companies will not suffer a data breach in the next six months.

Carried out in February at RSA Conference 2013, the survey measured the attitudes of nearly 250 IT security professionals and the way their organizations manage cyber security. Nearly 50% of respondents work in organizations with more than 1,000 people. What was astounding is that the study revealed that a third of organizations do not have a policy making it compulsory to change default passwords when deploying new hardware, applications and network appliances to the corporate network.

Cyber Security Under Siege All Over

cyber security, network security, data breaches

Is Your Cyber Security Under Siege?

What bothers Zephyr Networks is if this is the cyber security perspective of IT security professionals at mostly large, well-funded companies with over 1,000 employees. If that is the case, what is the cyber security situation like for small to mid-sized businesses in America? While vendors of conventional security products like firewalls and anti-virus software are constantly updating their tools to reactively protect against the latest threats, hackers are looking for flaws. As this is being written, a hacker somewhere is engineering a new attack to exploit the latest updates.

The reality is that 100% protection is nearly impossible to achieve, particularly by professionals caught in the bureaucratic web of a company. Zephyr Networks knows, however, that best practices for securing access to critical systems and data are readily available if you work with an external network security provider. The key of working with a company like Zephyr Networks is providing your network security with the expertise and experience of an external eye.

Password Protection For Your Company

If you are worried about the cyber security and the cyber defense of your company, please contact Zephyr Networks today. When it comes to ensuring and maintaining your network security, we are your solution. To learn more about how we can protect your company, call Zephyr toll free at (800) 884-7559 or fill out our handy contact form.

2013 Verizon Data Breach Investigations Report Reveals Increased Need For Network Security And Cyber Defense

network security, data breach, verizon report

Network Security & Verizon Data Breach Report

The focus of the 2013 Verizon Data Breach Investigations Report is you should know how your network security is vulnerable to data breaches by knowing your enemy. In order to know your enemy, you have to know yourself first and your vulnerabilities. Zephyr Networks found the  2013 Verizon Data Breach Investigations Report to be a treasure-trove of data that underscores the importance of organizational self-analysis in determining what attackers want and how they are likely to go after it. The problem is that self-analysis is difficult when your staff is caught in the web of your business and its bureaucracy. Such a perspective reinforces the need to work with an outside provider like Zephyr Networks to protect your business

Verizon Data Breach Report Informs Network Security

The report is Verizon’s annual analysis of data breaches and breach investigations conducted in the previous year. In addition to Verizon’s own data, this year’s Data Breach Investigations Report (DBIR) includes breach incident data from 18 other organizations around the world (see below), including more than a dozen first-time contributors. Prior to analysis, Verizon once again standardized its breach dataset, this year encompassing 621 breach events and more than 44 million compromised records, using its VERIS incident-sharing framework.

Data points in the 2013 DBIR indicate clear patterns in the motives and methods adversaries used for successful data breaches. Of the 92% of breaches in this year’s data set that were caused by external threat actors, Verizon tied more than half (55%) to purely profit-driven organized criminal groups. According to Verizon, these profit-driven adversaries are most interested in companies in the finance, retail and food services industries, and their attacks most often originate from countries in Eastern Europe or North America. Not surprisingly, attackers seeking immediate profit favor payment data and personal information.

What is even scarier from the perspective of Zephyr Networks is that the focus of data breaches is not what most people expect. Small to mid-sized companies are more likely to be the victims of such attacks than major organizations. The difference is that any successful attack on a major organization receives a lot of external publicity as news. The truth is that cyber-espionage-related data breaches among companies with fewer than 10,000 employees happened more frequently than at larger firms by an 81-to-19 ratio.

Small To Mid-Sized Companies In Data Breach Danger

Kyle Maxwell, senior analyst with Verizon, explained: “Small attorney firms or professional services firms are getting compromised because they have sensitive data on clients. So rather than try to breach a large, well-defended network, it’s easier just to compromise the outside counsel or auditing firm, and get financials statements or plans for M&As [mergers and acquisitions] or other trade secrets from those firms . . .. Organizations can’t take a one-size-fits-all approach to their defenses; different types of attackers use different methods. Organizations of all sizes and all sectors need to understand their threats and plan accordingly rather than assume they can set up static defenses that’ll work for everything.”

A new twist in this year’s DBIR is the inclusion of more than 47,000 reported network security incidents, yet Verizon carefully delineated data points from that larger data set from those drawn from confirmed data breaches. Despite Verizon’s efforts to improve how it quantifies breach data, perhaps the most frightening data point in the entire report involves organizations’ inability to quantify data loss. According to Verizon, of the breach events comprising its data set, organizations had a complete and reliable count of compromised records only 15% of the time. In other words, in 85% of breach incidents, the organizations could not determine the full extent of the breach. Alexander said Verizon’s findings highlight how important it is for organizations to conduct a baseline inventory of sensitive data. It is essential to be able to discover what’s missing or what has been tampered with in the wake of a network security or data breach incident.

Zephyr Networks is grateful for the quality and precision of the 2013 Verizon Data Breach Investigations Report. Such a report helps us know how to provide better cyber defense and network security services to our clients. If you are worried about the network security and the cyber defense of your company, please contact Zephyr Networks today. When it comes to ensuring and maintaining your network security, we are your solution. To learn more about how we can protect your company, call Zephyr toll free at (800) 884-7559 or fill out our handy contact form.

 

2013 DBIR CONTRIBUTORS

The following organizations contributed breach incident data to the 2013 Verizon Data Breach Investigations Report.

First-time contributors are denoted with an asterisk.

Australian Federal Police (AFP)
*CERT Insider Threat Center at the Carnegie Mellon University Software Engineering Institute
*Consortium for Cybersecurity Action (CSIS control mapping)
*Danish Ministry of Defence, Center for Cybersecurity
*Danish National Police, NITES (National IT Investigation Section)
*Deloitte
Dutch Police: National High Tech Crime Unit (NHTCU)
*Electricity Sector Information Sharing and Analysis Center (ES-ISAC)
*European Cyber Crime Center (EC3)
*G-C Partners, LLC
*Guardia Civil (Cybercrime Central Unit)
*Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Irish Reporting and Information Security Service (IRISS-CERT)
*Malaysia Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia
*National Cybersecurity and Communications Integration Center (NCCIC)
*ThreatSim
*U.S. Computer Emergency Readiness Team (US-CERT)
U.S. Secret Service
Verizon