Friday, September 14, 2018

Cyberwyze Celebrates the 2018 National Cybersecurity Awareness Month

October is the National Cybersecurity Awareness Month (NCSAM) and at Cyberwyze, we will be celebrating this very important and crucial cybersecurity awareness event throughout the month of October 2018.  

Please join Cyberwyze in observing and practicing great cyber hygiene while online and offline in order to protect our privacy and the security of personal, organizations, and our nation’s critical infrastructures, networks, systems, and sensitive information from cyberattack.

Cyber crimes do not discriminate; they target vulnerable computer systems regardless of whether they are part of a government, not-for-profit, large corporation, a small business, or belong to an individual or home user. Cybersecurity is everybody’s business; it is a shared responsibility in which all Americans have a role to play. 

We are the best defense of our privacy and the security of our personal and organization’s networks and systems as well as sensitive information.  Throughout the Month of October 2018 and always, please let us try and observe the following weekly security tips to help us practice excellent cybersecurity hygiene that fortifies us and our networks and systems against cyber-attacks.

At home or work, we likely have access to sensitive information whether we realize it or not. Whether we are working with sensitive information or seemingly less-important documents, attackers can utilize this information to their advantage. It is important to safeguard our personal sensitive information as well as the sensitive information entrusted into our care at our places of work to protect ourselves, our organizations, and nation.

Always Stop. Think. Before You Connect.

Be Aware and Cautious!!!

Tuesday, October 31, 2017

FIVE WAYS TO BE CYBER SECURE AT WORK from the Stop.Think.Connect. of the Department of Homeland Security in commemoration of the National Cyber Security Awareness Month 2017

Businesses face significant financial loss when a cyber attack occurs. Cybercriminals often rely on human error – from employees failing to install software patches to clicking on malicious links – to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of every employee to keep data, customers, and capital safe and secure.


Follow these simple tips from the Stop.Think.Connect.™ Campaign to help foster a culture of cybersecurity in your organization:

1.   When in doubt, throw it out
Stop and think before you open attachments or click links in emails. Links in email, instant message, and online posts are often the way cyber criminals compromise your computer. If it looks suspicious, it’s best to delete it.

2.  Back it up
Make electronic and physical back-ups or copies of all your important work. Data can be lost in many ways including computer malfunctions, malware, theft, viruses, and accidental deletion.

3.  Guard your devices
In order to prevent theft and unauthorized access, never leave your laptop or mobile device unattended in a public place and lock your devices when they are not in use.

4.  Secure your accounts
Use passwords that are at least eight characters long and a mix of letters, numbers, and characters. Do not share any of your usernames or passwords with anyone. When available, turn on stronger authentication for an added layer of security, beyond the password (such as two-factor authentication or even more as a defense in-depth measure).

5.  Report anything suspicious
If you experience any unusual problems with your computer or device, report it to your IT Department.

FIVE EVERY DAY STEPS TOWARDS ONLINE SAFETY from the Stop.Think.Connect. of the Department of Homeland Security in commemoration of the National Cyber Security Awareness Month 2017

Cybersecurity is present in every aspect of our lives, whether it be at home, work, school, or on the go. Regardless of one’s technical ability or background, there are simple steps everyone can take to stay safe online.


Protect yourself online and help to make the Internet safer and more secure by following these simple tips from the Stop.Think.Connect.™ Campaign:

• Enable stronger authentication. Always enable stronger authentication for an extra layer of security beyond the password that is available on most major email, social media and financial accounts. Stronger authentication (e.g., multi-factor authentication that can use a one-time code texted to a mobile device) helps verify that a user has authorized access to an online account. For more information about authentication, visit the new Lock Down Your Login Campaign at

• Make your passwords long & strong. Use complex passwords with a combination of numbers, symbols, and letters. Use unique passwords for different accounts. Change your passwords regularly, especially if you believe they have been compromised.

• Keep a clean machine. Update the security software, operating system, and web browser on all of your Internet-connected devices. Keeping your security software up to date will prevent attackers from taking advantage of known vulnerabilities.

• When in doubt, throw it out. Links in email and online posts are often the way cyber criminals compromise your computer. If it looks suspicious (even if you know the source), delete it.

• Share with care. Limit the amount of personal information you share online and use privacy settings to avoid sharing information widely.

Friday, October 13, 2017

Cyber Warfare:  How Lack of Due Care, Due Diligence, and Negligence are Quickly Turning the World’s “Nightmare” into an Unwelcome Everyday Reality

It is October, and once more, we at Cyberwyze join our nation in observing the yearly Cybersecurity Awareness Month with hope and confidence for a more secure America, a luxury that we once took for granted, but not anymore; the difference is so obvious, as cyberwarfare rages on.
With the daily headline news, most times, highlighting information security breach, it is obvious to all of us now that cyber warfare is no longer a probability; it is now a global reality, more so for the United States government and its citizens.  However, the United States is more than capable to confront this monster and its perpetrators head-on and prevail.  This, also, is a reality.  Cyber warfare is no longer a “nightmare”, that can be wished away; rather it has become a complex, nagging headache that won’t go away with an over-the-counter medication.  Therefore, it demands to be ruthlessly responded to and eliminated, regardless of how long the battle rages on.  This is the reason the United States cannot relax until she has overwhelmingly helmed in all who are bent on destroying the U.S. government and its citizens regardless of the level of their “frequency and sophistication of intrusions into United States networks, and I confidently attest to the great job that the information security professionals in this nation are doing to stop this monster.
However, considering the frequent breaches and intrusions into our nation's networks, it is becoming increasingly disconcerting how the lack of due care, due diligence, and negligence continue to make all the efforts of some conscientious and selfless information security professionals nothing but a load of frustration.  Fair enough, the enormous number of daily attacks is enough to engender security fatigue, however, there is a maxim that wisely states that “he who is surrounded by adversaries is always on guard for his life”.  Therefore, to directly face this challenge effectively and prevail regardless of the daunting nature of this undertaking, the management and key stakeholders who are responsible for governance need to seriously and diligently ensure that every “t” is crossed and every “i” is dotted; nothing left undone with constant audit and monitoring of the activities occurring in their respective organization's networks.  Talk of going the extra mile all the time―that is exactly what the information security threat environment calls for, absolutely no dilly-dallying, or unnecessary bureaucracy.  This is war; it is either fight, with absolute vigilance, or die. Period.
The importance for the U. S. government to mandate putting in place sophisticated advanced persistent threats (APTs) and risk-mitigation strategies to detect backdoors, trojans, and malicious codes to protect all the nation’s computer networks, public and private, taking cue from what Microsoft and other computer technology companies have done for their organizations and supply chains can never be overemphasized .  These strategies must, of paramount importance, take into consideration speed as a frontline defense strategy as well as due diligence (extra care and vigilance 24/7) among other things if it plans to prevent any further intrusions into the nation's computer networks, both public and private including individual citizen's homes and businesses, and, of course, to remain the world leader in information technology.  This type of action is necessary to effectively guard against the theft of our sensitive information and destruction of our nation's critical infrastructure, logistical and operational plans, the commercial information and intellectual properties and trade secrets of her citizens and their businesses.
                So, without mincing words, I ask us, what will it take for us to wake up and smell the coffee, and understand the handwriting on the wall, and start taking the security of our nation’s assets and customers’ sensitive information seriously, and desist from mortgaging them at the altar of business margins or bottom line?  This nation can no longer condone negligence, and lack of due care and diligence, the most basic, non-technical house-keeping countermeasure in the cybersecurity domain, which is annoyingly and unacceptably so rampant within our organizations, as most have failed to put the security of their customers as a primary security responsibility, choosing rather to secure their bottom line at the expense of the source of their existencetheir most valuable assetcustomers and their information.  That is the reason that the recent information security breaches perpetrated on organizations such as Equifax, Yahoo, Target, to name a few, due to gross negligence and lack of due care and diligence is downright unacceptable, and must stop already!  Our nation has stringent information security laws, and now is the time to start seriously putting those laws into execution to waking up security-irresponsible organizations, because failure to do so becomes tantamount to aiding law breakers to the doom of this nation, that is already unimaginably under enormous millisecond-cyber-attacks daily.
Cybersecurity is everybody’s business, and the least that we all, responsible citizens and users of information and the cyberspace, can do, is to have a culture of due care and diligence, that goes a long way in the current cybersecurity threat environment to securing our assets and peace of mind to strengthen the efforts being made by security professionals in this nation to effectively combat and eradicate cybercrimes.  It is not enough to merely deploy and implement expensive security technologies, while shirking the responsibility of maintenance and conscientiousness (due care and diligence), which is what sets apart mediocrity and excellence; just as it would be futile and total waste of taxpayers’ money to build a road infrastructure, without the normal ongoing maintenance work.
The fact is that we are engaged in an unconventional warfare, and the American citizens need to understand it ; therefore, due care and diligence and active vigilance 24/7, is of utmost importance for achieving resilience, victory, and thriving over cyberwarfare; anything less will be self-defeating and very sad, because none of us would like the outcome, and that is the crux of the matter!

Wednesday, May 17, 2017

Nuggets of Wisdom

The Global Ransomware Menace: How to be Cyberwyze


Yes, Ransomware!  It is a form of malware that is used by adversaries or cyber criminals to encrypt files on computers or network system rendering the system and/or data unavailable to the legitimate users, and then demand ransom from the legitimate owners of the data to release the data, or be destroyed by the ransom seekers. The attacker may or may not release the information or data only after being paid, usually in a non-traceable means such as bitcoin. 

The best practice to avoid being held hostage for your data if attacked with Ransomware is to routinely backup data and store in a safe at an offsite location, far from an organization’s network system or an individual’s computer or storage devices.

Please read the following Nuggets of Wisdom from the Federal Trade Commission (FTC) on Ransomware worries? and Fake emails could cost you thousands.

Monday, October 24, 2016

October is National Cyber Security Awareness Month!

Cyber Security is a Shared Responsibility

At Cyberwyze, we feel both privileged and obligated to join our nation in highlighting the importance of the safety of our sensitive information online and offline during the 2016 national cyber security awareness month.

Enough, Already!!!

Shhhhhhhh!!!  Sometimes, silence is safety! 

As a nation, we need to be wise with the information we put out in cyberspace, yes, it is very American to be open and transparent; that is what makes us an open society and free. But we must know that the sensitive information that we throw out in the cyberspace for all Americans, who has the right to them to see, are all also accessible to our enemies who would use those information to harm us. We all know that the element of surprise is crucial in warfare, there cannot be an element of surprise without silence or privacy. In this largely asymmetric warfare, sometimes, perhaps more often than not, we need to be seen not heard, seen taking action, not just talking and tipping our adversaries off on what we are going to do or expressing weakness by constantly bemoaning what has been done to us.  We have to keep our mouths sealed sometimes, if not most of the times, if we want to succeed in the cyber warfare that we are in. Period!  

In the midst of what seems, almost a daily occurrence of security breaches, we, as a nation of innovators and visionaries, need to urgently change our strategies in the cyber warfare.  Primarily, we need to stop arming the adversaries with our careless handling of sensitive national information. For example, just because we have open government provisions, such as FOIA, does not mean that the information acquired through those provisions are less sensitive and does not require protection. We are shooting ourselves on the foot, in fact, jeopardizing our national security, and essentially waging losing cyber warfare.  Our government leaders have to understand that we are living in a global environment, and that any information put out on the Internet is not restricted to the consumption of American citizens alone, but to the whole world, both friends and foes.  Those who are in war don’t divulge information that could aid the enemy.  What we are doing is counter-productive, people!  

Let’s learn to protect ourselves by keeping our sensitive information safe; it is not such a great idea to put it out there for the whole world to see, if we want to overcome in this unrelenting and ferocious cyber warfare, else we are toast!  What will it be, folks?  

Talk Less, Act More!!!

Friday, June 10, 2016

Are you Cyberwyze?

Growing up we were always taught to be streetwise, and most of us still are, but how about “cyberwyze”—are you “cyberwyze”?  My goal is to keep us safe from the ploys of the adversaries who are constantly looking for whom to defraud.  So you keep reading, and I’ll keep researching everywhere to get credible information to help you and I render unachievable the nefarious plots of the adversaries (hackers).

Here are some practical ways to help us be Cyberwyze (Courtesy of the Department of Homeland Security):
  • Never click on links in emails. If you do think the email is legitimate, whether from a third party retailer or primary retailer, go to the site and log on directly. Whatever notification or service offering was referenced in the email, if valid, will be available via regular log on.

  • Never open the attachments. Typically, retailers will not send emails with attachments. If there is any doubt, contact the retailer directly and ask whether the email with the attachment was sent from them.

  • Do not give out personal information over the phone or in an email unless completely sure. Social engineering is a process of deceiving individuals into providing personal information to seemingly trusted agents who turn out to be malicious actors. If contacted over the phone by someone claiming to be a retailer or collection agency, do not give out your personal information. Ask them to provide you their name and a call-back number. Just because they may have some of your information does not mean they are legitimate!

  • Set secure passwords and don't share them with anyone. Avoid using common words, phrases, or personal information and update regularly.

  • Keep your operating system, browser, anti-virus and other critical software up to date. Security updates and patches are available for free from major companies.

  • Verify the authenticity of requests from companies or individuals by contacting them directly. If you are asked to provide personal information via email, you can independently contact the company directly to verify this request.

  • Pay close attention to website URLs. Pay attention to the URLs of websites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .com instead of .net) to deceive unsuspecting computer users.

  • For e-Mail, turn off the option to automatically download attachments.

  • Be suspicious of unknown links or requests sent through email or text message. Do not click on unknown links or answer strange questions sent to your mobile device, regardless of who the sender appears to be.