Good morning everybody!
I was on WGAN this morning with Matt Gagnon, and we began talking about Cybersecurity and Businesses. We discussed some of the new Federal Regulations and how they are cracking down on businesses. We discussed some of the problems with work at home and then we discussed Cybersecurity training and Ransomware and why the Federal Government is now charging companies who pay ransoms Let’s get into my conversation with Matt on WGAN.
These and more tech tips, news, and updates just visit – CraigPeterson.com
Automated Machine Generated Transcript:
Craig Peterson: [00:00:00] Good morning, everybody. Craig Peterson here. Thanks for joining me. And I’d love to know what do you like about the podcast? Maybe something I should do more or something I should do less of just email, me @craigpeterson.com. I’d love to hear from you. This morning, I was on with Mr. Matt Gagnon over there on WGAN, which is a fun time.
I love talking to Matt, but now in the political season, of course, most of these radio stations are pretty busy with. Politics. So I don’t get quite as much time as I used to get on some of them, at any rate, we talked this morning, we covered three different topics as something we haven’t talked about with any of these other radio stations this week.
So here we go with Mr. Gagnon.
It’s all things. Technology tech talk with Craig Peterson right now on news radio 98, five FM and am five 60 WGAN
Matt Gagnon: [00:01:03] It’s seven 36 on a Wednesday. Great time to talk to Craig Peterson, our tech guru Craig, how are you this morning, sir?
Craig Peterson: [00:01:11] Good morning. Doing well.
Matt Gagnon: [00:01:13] Craig, are you heard on this very network on Saturdays? I’m under the impression you might be.
Craig Peterson: [00:01:17] Yeah. Yeah. Saturdays from one til three. It gives me a chance to delve into some of these topics a little bit more because we only have a few minutes here every Wednesday morning,
Matt Gagnon: [00:01:28] Indeed. Let’s get into that so that you have as much time as possible, Mr. Peterson. and I think that you have a lot of topics to deal with here today, but a couple of themes I’m seeing running throughout here is about security. One that caught my eye and it was pretty interesting to me was about employee apathy and how it is sort of combating against increased cybersecurity awareness. I. E. We all know more about cybersecurity, but we don’t really think any of this stuff is going to happen to us and that is the open door that’s necessary for a lot of it to actually happen? Interesting.
Craig Peterson: [00:02:01] Yeah, isn’t that kind of the norm though, for people just kind of in general so that it’s not going to happen to me, nothing. I need to worry about it, but it is causing some serious problems with the business.
When we’re talking about employees here, I don’t want just people to think of that man or that woman who might be manning the cash register. We’re talking about all the way up the chain. Businesses are having a serious problem right now because we’ve got some cybersecurity.
We know that we’ve got something that kind of work in the past. Like they had antivirus software and we’re not really aware of what’s going on in general. Now we got some serious problems right now with the federal government, finding China, Russia, and others in our systems. In fact, there was an emergency order that came out just about a week ago now for anybody that is a department of defense contractor or subcontractor, even if all you do is mow the lawn for someone, that’s a contractor to the department of defense.
Now you have to have serious cybersecurity. The reason that they ended up doing this is that even though the rules were passed four years ago, everybody was saying, it’s not going to, it happened to me. I don’t need to worry about it.
Matt, they were pencil whipping forms. So now they are coming down hard. I know a contractor who called me up last Friday saying, Hey, I’ve got a bit of a problem here. I’ll tell this story a little bit more, but they lost 70%, seven zero percent of their business faded away. They couldn’t find out why a general contractor for the federal government was no longer ordering from them.
It had to do with their apathy from soup to nuts. They were not trying to be secure. So we’ve got to pay attention. They really are coming after us, Matt.
Matt Gagnon: [00:03:58] Craig Peterson, tech guru joins us to this time, every Wednesday to go over the world of technology.
Speaking of security, remote workers are causing, perhaps a little bit of a rethink in cybersecurity as well. What’s that all about?
Craig Peterson: [00:04:12] Yeah. You’d think that again, we’ve got so many people working remotely that we’d have it down by now. We’ve been doing this since March-ish timeframe here for most of our companies. But the biggest problem we’re still seeing is a misconfiguration. Right? Machines, not patched up, businesses using VPNs incorrectly, that are giving direct lines into our businesses.
Then our employee is going back to the apathy thing where we’re not taking some of the training, seriously. Every business nowadays should be doing some training. That training means that they are looking at phishing attacks. What are the bad guys doing? What do we have to be careful of now?
So be very careful if you’re working from home, remember that VPN is like a tracer, right? I’ve tracer round works both ways. You can see where it’s going and you get to see where it comes from. A VPNs the same way you can use it to get securely into your business network, but the opposite can happen. Someone else on your network, some malware, any network, and also use it to get into your business.
It gets very dangerous.
Matt Gagnon: [00:05:24] The other thing that was, is security related that I found fascinating Craig in, uh, in the list of stuff that we’re going to talk about today is about what actually happens. If some sort of an attack happens like a ransomware demand is made. Then you actually pay it, that could get you in a different world of trouble.
Could it not.
Craig Peterson: [00:05:41] Yeah, this didn’t use to really be the case. If you were ransomed and your data was ransomed, typically because of encryption, as opposed to extortion, where they’ve stolen your data and they are telling you, if you don’t pay up, we are going to release all of your data that we stole from you online publicly, which is really bad too.
In this case, where your data has been encrypted, a lot of businesses
have paid the ransom in fact, businesses that are supposedly out there to decrypt your data and get it back for you. Many of those have been paying the ransom. So the treasury department has gotten finally a little bit of a crackdown here and they published just this last week.
Some new guidelines. Basically, if you are paying a ransom, you are paying a ransom to criminal organizations, terrorist organizations, and enemies of the United States. Therefore it is clearly illegal under federal law.
Now the other side of this is if you pay a ransom, the odds are only about 50%. Only about half of the time will you get all of your data back? So that’s something to think about.
Then the other thing is you are not just encouraging them to ransom some more people. You’re also saying, Hey, We are a company that pays ransoms. So yeah, go ahead and break in again and hold our data ransom and we’ll pay.
The FBI has long advised against it, and now they’re cracking down on the legal process on those people, but businesses do pay the ransom.
Matt Gagnon: [00:07:20] All right, well that is Craig Peterson. Once again, you can hear him on this very network to get into these stories and so many more in more depth on Saturday WGAN.
Craig, we appreciate you. So much as we always do on Wednesdays and we’ll talk again next week.
Craig Peterson: [00:07:33] All right. And I’ll be back at one on Saturday
Matt Gagnon: [00:07:36] Indeed. Thanks a lot, Craig.
Craig Peterson: [00:07:38] Keep an eye out also in your email, I’ve been working on a new little, three-minute coaching session and these things are just taking some time. Right. But we are getting there. We’ll be getting those out, the little videos and. And I’m putting transcripts burned right into the video.
Plus if you click on the link in the email, it’ll take you to my website where I have a transcript right there. So if you’d rather just read about the topic I’m talking about, and we’re talking about all of the stuff you might expect. VPNs and two different types of security things you need to look at.
You can just read it right there on my website. So keep an eye out for the email. You can just click through, watch the video. You can listen to it. You can see the transcript going by, or you can just plain old read the transcript. How’s that for making it easy for everybody?
All right. Take care and we’ll be back hopefully before the weekend, I’ll be able to get another one of these out.
Take care. Bye-bye.
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: