Reysen, Jim Account, Sidney Smith discussed on Web and BeyondCast
So great point there, and what is extremely frustrating for me is that I have at least an I'm no different than anyone else hundred accounts that have passwords I have bank accounts I have social media accounts, I have email accounts. I have by Jim Account, this not everybody has all the stuff and I'll talk about password managers later and the portent of not repeating passwords because I've been guilty of it. You know I might say rate Sidney Smith one, and then for one account Reysen he says to and I'll just go back and forth you know so I've ever forget it. Okay. It's one of those two. For Four, the records not rates, a D Smith and you're either. If it is I'm I'm bladder. Maybe my next faster. And finally, fifth one which was My I, think the most interesting one is the insider threat. it's often insidious because the person is already a trusted insider. You've already give him the keys to the kingdom and a lot of cases and they're working. From Within. And for that, you need high staff security awareness. If system checks, role based access controls, nominally detection of title about that. But if you don't think you could be attacked by an insider I will tell you that I work with a business partner in another business where we've on fifteen staff members and a three separate occasions, we've had insider attacks stealing data. And these are people that we vetted and people that we trusted in people who got. references from well respected people may came in they solar date and they left and they sold it elsewhere. and. That's very damaging to a small business. You're in a if data is your business that could be crippling. So nobody is too small. So. Yeah. Those are the those are the top five. That, I see as sort of the biggest threats to small business. Great and so moving moving right along. I WanNa talk a little bit about what are some of the things that knowing those attacks those unique risks that small business owners face our small. Businesses by virtual of the name, right we may be in size, but we are big an impact and might curiosity is always around the idea of what can we do? What are the things that concretely we can do is business owners to prepare like pre attack or in the case of unwitting ness enemy we're round these attacks happening We see maybe the local pastry shop they they were attacked. You know a couple of weeks ago. Yeah that's not us So unaware when in reality we were emailing back and forth with the owner that pastry shop and we've already been infiltrated in. Some way shape or form whether that'd be by fishing or otherwise some kind of e mail attack click on the link you name it and so we're unaware what are those things we can do to kind of level our cybersecurity resilience are cyber resilience up in those cases sure and use the great word their unwitting I should have mentioned in my insider threat point that two thirds of insider threat incidents are unwitting so that somebody who's manipulated who is.