Tag Archives: cybersecurity

Podcast & transcript: What Business Owners need to know about Hacking threats

Posted By |
IT expert Darren Coleman of Coleman Technologies

In this episode of Two Way Traffic wealth management advisor Darren Coleman — who specializes in cross-border financial issues — discussed IT security with his namesake, Darren Coleman. Darren is founder of Coleman Technologies Inc., which handles IT managed services and cyber services. The latter Coleman – he’s been called Canada’s top IT expert – leads a team of technicians based in Langley, BC and Dallas, Texas. He says hacking is a trillion-dollar industry and business owners should take note.

Podcast host Coleman drew parallels between financial services and cybersecurity. He said he looks for gaps in a client’s financial plan, while in cybersecurity Coleman the IT expert looks for gaps or vulnerabilities in multi-factor authentication, threat protection to ensure business resilience, and endpoint protection (cybersecurity software that protects from viruses, malware and ransomware).

The two agreed what’s necessary in both their industries is prevention and managing risk. Another point is that Canada and the US have different tax regimes, and different laws for regulatory compliance.

“The U.S. government can gain access to your data if they want it,” said IT expert Coleman. “We believe the Canadian government can’t, but there are ways they can get it too.”

Their discussion explored …

  • Why clients of wealth management firms are good targets for hackers and what to do in a security breach when asked to pay a ransom.
  • How multi-factor authentication can prevent 99% of email breaches.
  • Why organizations devote too much security attention to senior management and not enough to everyone else.

Here is a link to the podcast …

https://podcasts.apple.com/ca/podcast/the-business-of-hacking/id1494816908?i=1000672496679

Darren Coleman of Raymond James [Darren Coleman or Darren #1 henceforth]

Welcome back to another edition of Two Way Traffic, the cross-border podcast. Today my guest is now, let me see if I pronounced your name correctly. Darren Coleman.

Darren Coleman of Coleman Technologies [Darren C #2 henceforth]

You got it.

Darren Coleman

So you and I are namesakes. You run a firm in Langley, BC called Coleman technologies and do outsourced IT infrastructure. You are a cybersecurity expert. Why don’t you take us through Coleman technologies.

Darren C #2

I am the founder and CEO. Part of my mission is to help protect a million people from hackers, so being here on your podcast supports that cause. I’ve shared my cybersecurity insights on ABC, Forbes, MSB Success Magazine. I’ve spoken at Harvard, and co-authored some books. So that stuff led my company down the road to be an expert within the cybersecurity realm. But more than that, we provide 24/7, direct-detect, flat fee, IT support to our clients. We really just become your IT department.

Are there off-the-shelf tools?

Darren Coleman

Our firm has a huge IT spend every year, but for a lot of medium and small businesses, can they not just get all the tools off the shelf?

Darren C #2

Not really. You can hire an IT professional, but you’re probably going to hire multiple people because they’re going to want to take holidays. You’re going to be looking at double the cost right there. But you can’t just buy antivirus. Antivirus isn’t good enough anymore. You need endpoint protection, threat hunting, content filtering, and audits. There are things the IT professional may be good at, but there are  things you need an expert for. If you’re looking for cybersecurity insurance, the forms are 10 or 12 pages long and require things you might not think about. Continue Reading…

Fraud was bad during pandemic, but poll finds it could get worse if recession hits

Posted By |
Image from Unsplash

Kevin Purkiss, vice president, Fraud Management, RBC

Special to Financial Independence Hub

While we don’t always want to think about the risk of fraud, it’s never been more important to stay vigilant. During the pandemic we saw a sharp rise in fraud attempts, but it may be about to get worse if we end up in a recession later this year.

Not only have we seen a strong correlation between increased fraud and economic slowdowns in the past, but many Canadians believe a recession will make fraud even more risky, according to new RBC research.

The poll found that 78% of Canadians believe a recession will increase everyone’s fraud risk and 42% think it will be harder to spot scams during a recession than in the pandemic. Three quarters (75%) also believe that it’s easier to fall victim to a scam when you’re struggling financially and 36% are simply too worried about other issues to be concerned about fraud.

While it’s understandable that Canadians have a lot on their minds and don’t want to think about fraud, scams are getting harder to spot and fraudsters are becoming more sophisticated. This is why we all need to continue to stay aware and take steps to protect ourselves.

Missing the signs of fraud is costing us money

Our research also found that 32% of respondents are concerned they are already starting to miss the signs of potential fraud and 71% are worried it will be harder to spot the signs of fraud as they get older.

Almost a quarter (23%) have been a victim of fraud or fallen for a scam, with 14% saying they lost money because of a scam. While the average lost was $400, 6% of respondents say they lost more than $10,000.

Apathy about fraud risk among Canadians 18-34

More than half (53%) of adult Canadians under the age of 35 say they share more information online than they should and 44% say they are quick to share personal data to get access to an offer, website, app or service. Thirty-five per cent of this age group also perceive fraud as something that happens to others, but not to them, and 33% have never been worried about falling victim to a scam. Continue Reading…

Are your Online Shopping habits compromising your Financial Security?

Posted By |
Image: Unsplash

By Beau Peters

Special to the Financial Independence Hub

Incredible advancements in technology have made it so we don’t ever need to leave the house to buy the stuff we like. You can buy anything from food to video games from the comfort of your home and have it delivered the next day. However, while convenient, the rise of online shopping has also made it easier than ever to overspend and put our information in the hands of hackers and cybercriminals. It is important to know your limits and shop responsibility.

Today, we will talk a bit about the dangers of shopping online and what you can do to protect your data and your pocketbook.

Awareness of the Risks

If you watch the news, then you have likely heard reporters talk about the criminals that use online spaces to steal the money of consumers. The reality is that if you do anything online, then hackers can get to it. According to Help Net Security, 62% of consumers believe that online shopping fraud is a real threat, yet, most people continue to use e-commerce sites for their needs. The reason is likely because they don’t really understand how bad stolen data can be.

The fact is that if a hacker is able to get ahold of your credit card or debit card numbers, they can steal and retain that information and use it to take out fraudulent loans on your behalf. Even the personal data that you put online, like email addresses and birthdays, can be sold to other hackers for profit.

There are several threats to be aware of, including unencrypted websites. When you shop on any site, you must look at the web address and ensure that it says HTTPS before the website name. The “S” in this case stands for secure, and it means that the website automatically encrypts your payment information so it cannot be read by hackers even if it is stolen.

You must also be cautious when you are shopping on your phone, especially when you are out in public. Hackers can set up fake Wi-Fi networks that can look like the real deal, but when you connect, you are really connecting directly to the hacker. From there, they can steal your data and log into your bank accounts. This is why it is so important to be vigilant about online security wherever you go.

Before you buy anything at a website that you have never shopped at before, take a look around the site for red flags. For instance, if the website does not have a returns policy that you can easily find and review, then it may mean that it is a scam. Also, be aware of spelling mistakes. It is human nature to make a spelling error here and there, but if the website is littered with errors, then it may mean that it was put up in a hurry and the site is not legitimate.

Be Smart about Payment Info and Documentation

It is essential that you are aware of how you use and store your payment information as you do your online shopping. Many companies give you the option to store your payment information on their website for the sake of convenience. But you should know that if that store is not secure, then your financial security could be in jeopardy. So, if you must keep your card information saved at that company, then ensure that they are encrypted, and if you are unsure, then shop elsewhere.

If you do decide to keep your payment information on a website, you must make it a habit to routinely check your debit and credit card statements. If that website is hacked and your card information is stolen, then hackers can continue to use your payment info to make fraudulent purchases. By checking your statements, you can spot false charges right away and file a dispute with the bank.

Also, consider how you store and access those statements. If you view them online at your banking or credit card website, then ensure that you protect your data by adding a complicated password complete with letters, numbers, and special characters. Make your password hard to guess and change it regularly.

Some people choose to download their statements and save them to their computers for future review. If you do the same, then you still need to be cautious because hackers can also get into your device and read the information you have on those statements. Once the documents are on your computer, consider redacting your personal information off of those PDF files, so it cannot be read by others. Doing so will black out your name, address, account number, and other sensitive information so you can keep your files without fear of theft.

Be Smart about your Money

The other potential downside to online shopping is that the instant access makes it too easy to give into temptation and buy more than you need. It can only take a few seconds to find that you have spent the money that you need to pay the bills. That is why it is always a smart idea to create a budget so you can ensure that you stay within your limits.

It is important to consider your wants and needs when budgeting. You may want to buy that new sweater or television set, but are there expenses that you absolutely need to pay before you can splurge? Sit down and write down all of your monthly expenses, including childcare, food costs, utilities, and rent. Compare those necessary costs with the money you have coming in each month. If there is anything left over, then you can dedicate some of that to your online shopping desires.

Part of financial security is not letting your debt get so out of hand that you dig yourself into a deeper hole. If you have debt on credit cards, then it is important that you focus on eliminating it before you spend more unnecessary money. You can do that by adding your credit card payments into your budget, paying more than the minimum each month, and if you have more than one card, then pay off those with the highest interest first. Then, once you pay off your debt, reward yourself with something nice.

As you can see, it is important that you are smart about how you shop online. By shopping with a plan, you can avoid scams and improve your financial situation so you can have a brighter future.

Beau Peters is a creative professional with a lifetime of experience in service and care. As a manager, he’s learned a slew of tricks of the trade that he enjoys sharing with others who have the same passion and dedication that he brings to his work. When he is not writing, he enjoys reading and trying new things.

Trust no one: Zero Trust Architecture and the next generation of Data Protection

Posted By |

Zero Trust Architecture (ZTA) is fast becoming the security model of choice as businesses worldwide recognize the need to better protect their networks and assets in light of today’s growing remote workforce.

By Anthony DeCristofaro

Special to the Financial Independence Hub

For many organizations, remote work began as a pandemic-induced novelty. More than a year later, however, it has become the new normal. Even when the world officially reopens, a large number of employees who have experienced the perks of working from home will no doubt be requesting the flexibility to continue doing so – that is, if their employers actually plan on transitioning back to a physical workplace.

Remote work presents new data security challenges: even for top-notch VPN

Granted, a reliable VPN will substantially lower your chances of being hacked. However, as the past year has shown us, even the most highly rated VPNs are far from foolproof. While they’ve always had their fair share of vulnerabilities (thus the need for constant updating), VPNs have been under constant assault since the pandemic began.

For example, one extremely sophisticated attack compromised more than 900 Pulse Secure enterprise VPN servers enabling the attackers to gain access, steal account credentials, and exfiltrate other sensitive data belonging to victim organizations.

The more employees using your VPN, the greater your network’s vulnerability

Pre-COVID, you had maybe 10% of employees using your VPN one or two days a week. Now, you likely have 90% of employees or more using your VPN five days a week. Each one of these employees creates a new point of vulnerability.

Your VPN can’t protect remote workers from malicious cyber activity. If just one compromised employee uses your VPN, you could soon have yourself an intruder. It’s a company’s worst nightmare and an attacker’s dream come true.

Zero Trust Architecture (ZTA) is the way forward

According to Gartner IT Research, “by 2022, 80% of new digital business applications opened up to ecosystem partners will be accessed through zero trust network access,” and 60% of enterprises will transition most of their remote access VPN solutions to ZTNA by 2023.

Unlike VPNs, platforms that operate with Zero Trust Architecture (ZTA) assume that security breaches happen – and rightly so. Take the recent Colonial Pipeline incident.

In May 2021, the fuel operator responsible for carrying 2.5 million barrels of fuel per day was temporarily shut down after being held for ransom by cybercriminals. This, combined with similar cyberattacks on SolarWinds, Microsoft Exchange, and others, prompted The White House to issue an Executive Order in support of a zero trust approach to security. Continue Reading…