The Biggest Cybersecurity Threats Are Inside Your Company

HARVARD BUSINESS REVIEW

When security breaches make headlines, they tend to be about nefarious actors in another country or the catastrophic failure of technology. These kinds of stories are exciting to read and easier for the hacked company to admit to. But the reality is that no matter the size or the scope of a breach, usually it’s caused by an action, or failure, of someone inside the company.

The role that insiders play in the vulnerability of all sizes of corporations is massive and growing. In the 2016 Cyber Security Intelligence Index, IBM found that 60% of all attacks were carried out by insiders. Of these attacks, three-quarters involved malicious intent, and one-quarter involved inadvertent actors. IBM Security research also found that health care, manufacturing, and financial services are the top three industries under attack, due to their personal data, intellectual property and physical inventory, and massive financial assets, respectively.  However, while industries and sectors differ substantially in the value and volume of their assets and in the technology infrastructures they have to manage and defend, what all businesses have in common is people — all of whom have the potential to be an insider threat.

Before addressing the threat, it’s helpful to understand the primary types of insider risks:

  • We’re only human, and at exactly the wrong time. Human error is a major factor in breaches, and trusted but unwitting insiders are to blame. From misaddressed emails to stolen devices to confidential data sent to insecure home systems, mistakes can be very costly. The riskiest of these are well-meaning IT admins, whose complete access to company infrastructure can turn a small mistake into a catastrophe.
  • A few people leak the passwords. With these trusted but witting insiders, it’s the thought that counts. Malicious employees whose intent is to steal or damage are a very real risk. Some steal competitive information, some sell data or intelligence, and some just have a vendetta against the organization.
  • A wolf in the clothing of John from accounting. Cyber criminals are experts at hijacking identities. Some accomplish this by compromising an employee system through malware or phishing attacks; some leverage stolen credentials, especially by gleaning data from social networks. In many cases attackers can increase a hacked user’s access within a system, leading them to even more sensitive information.

The most dangerous aspect of insider threats is the fact that the access and activities are coming from trusted systems, and thus will fly below the radar of many detection technologies. Particularly in the latter two categories, malicious actors can erase evidence of their activities and presence to further complicate forensic investigations.

SOURCE: HARVARD BUSINESS REVIEW, SEPT. 19, 2016

Don’t Panic

Launching tech startup? “Don’t Panic” to the rescue

Ever wonder what sorts of issues you may encounter as a creator or entrepreneur? Or when you might want to reach out to a real-life lawyer?

That’s what Don’t Panic:) A Legal Guide (in plain English) for Small Businesses and Creative Professionals is all about.

Published by New Media Rights, with offices at iHive @ NEST in San Diego, this recently-published book is designed to help new-business owners of all kinds.

Don’t Panic:) will prepare you to deal with a wide range of legal issues you’re likely to encounter as a startup creator or tech entrepreneur.

The book’s authors are Art Neill, executive director of New Media Rights; and Teri Karobonik, former staff attorney at the non-profit agency.

Click here to buy the book on Amazon

Electronic version – $9.99 | Paperback – $14.99

SD3D Printing gains initial seed funding

Founded in 2013, SD3D Printing provides a one-stop shop for innovative 3D printing, scanning and design services in San Diego. Here’s an investment update from co-founder David Feeney:

“We were recently accepted into the Tech WildCatters (TW) accelerator program in Dallas, Texas. The process includes a $30,000 staged investment to help get us through what they call ‘The Gauntlet,’ which is their version of internally guided due diligence.

“The Gauntlet has five levels through which a startup progresses — Discovery, Build, Launch, Grow and Scale.

“Once a startup reaches Level 5, TW syndicates an investor dinner with the goal of opening and closing the startup’s seed round during that dinner. They lead the round with $100,000 of their own funding. Then the startup pitches to the group to bring in additional angels to the deal.
“Previously, every company that has reached Level 5 of the TW program has successfully oversubscribed their desired seed round during the syndicated investor dinner.

“We expect to reach Level 5 by mid-December. Bennett Berger, our co-founder and president, will be relocating to Dallas to ensure the process runs smoothly and remains on schedule.

“We will also be installing our second 3D printing kiosk at the TW headquarters in downtown Dallas. Our first was installed at iHive last month.”

SOURCE: SD3D Printing

,

Webroot buys Cyberflow Analytics

Webroot buys Cyberflow Analytics, to expand in San Diego

Webroot, the market leader in next-generation endpoint security and threat intelligence, has announced it has acquired the assets of CyberFlow Analytics, an innovator in applying data science to network anomaly detection.

This acquisition enhances Webroot’s ability to address the explosion of internet-connected devices and an increasingly complex threat landscape. The company plans to expand its operations in San Diego.

Adding the FlowScape network behavioral analytics solution extends Webroot’s leadership in machine learning-based cybersecurity to the network layer.

As malware is now overwhelmingly polymorphic and advanced persistent threats (APTs) mask their activities within everyday network noise, SaaS-based FlowScape adversarial analytics and unsupervised machine learning enables Webroot to further reduce time to classify and address threats.

“Today, one of the only things attackers can’t find out about your network is what’s normal,” said Dick Williams, Webroot CEO. “This solution can identify and alert on potentially malicious activity that deviates from normal traffic in milliseconds.”

SOURCE: PRNEWSWIRE,
Sept. 21, 2016

QuiO announces $1.05 million investment round

CyberTECH member QuiO (kwee-oh), a San Diego-based digital healthcare company developing smart injection devices and connected cloud-based software for the clinical trial and chronic disease market, announced the closing of a $1.05 million seed round.

The round was led by undisclosed investors with expertise in the health insurance, pharmaceutical and clinical research industries.

Medication non-adherence poses significant clinical and economic problems to healthcare systems globally, especially involving chronic disease patients who must self-inject at home.

The internet of medical things (IoMT) has shown success in addressing the issue, including inhaler sensors, connected pill bottles, and other adherence monitoring devices.

However, patients taking injectable therapies do not have access to such tools today, and average adherence rates can be as low as 50%.  Poor adherence to injectable therapies results in over $14 billion in avoidable medical costs and $22 billion in lost pharmaceutical revenue each year in the United States alone.

“With over 15 million Americans prescribed an injectable therapy today, we see a large and growing need for a comprehensive drug delivery and adherence monitoring solution,” said Alex Dahmani, co-founder and CEO of QuiO.

“Injectable therapies, including biologics and biosimilars, represent the future of medicine, making up nearly half of the pharmaceutical pipeline,” said Dahmani. “These are amazing therapies, and our technology is designed to help them reach their full potential.  We may even help move cancer therapies out of the clinic, enabling patients to safely treat themselves at home.”

QuiO is developing the first real-time adherence monitoring solution for injectable therapies.  The solution is powered by a fully connected drug delivery device platform.

SOURCE: www.quio.com

Tom Kereszti

MEMBER PROFILE: Tom Kereszti

Company: The John Maxwell Group

Founded: 2005

Leadership coach: Tom Kereszti

Product/Service: Leadership development, workshops, mentoring, coaching, public speaking

Website: www.JohnMaxwellGroup.com/tomkereszti

Location: 1185 First Avenue, Suite 201, San Diego, CA 92101

Contact info:

Tom Kereszti
415-793-4509
tom@kereszti.com
tomkereszti@johnmaxwellgroup.com

Upcoming special event: LIVE2LEAD, leadership development seminar

  • National simulcast hosted by John C. Maxwell, Leadership expert, best-selling author, life coach; and Dan Cathy, President/CEO, Chick-fil-A
  • Friday, Oct. 7, 2016, 8 am to 2:30 pm
  • General admission: $35; VIP admission: $65 (includes afternoon workshop co-hosted by Tom Kereszti and Dr. Stephen Kalauhi, transformation coach)
  • Rock East County Campus, 808 Jackman Street, El Cajon, CA 92020
  • Ticket info: contact Tom Kereszti, tom@kereszti.com

Quotable: “What is leadership? Leadership begins with leadership of yourself, then leadership of others and ultimately leadership of leaders. Tom is an industry influencer who adds value to individuals and companies reach their highest potential through life changing leadership principles.” – Tom Kereszti

Notable: Based on John Maxwell’s Biblically-based leadership principles, Tom will fine-tune his workshops, mentoring and coaching materials for your specific personal and business challenges. He will help transform your company and help your team realize its true leadership potential. Everything rises and falls on leadership. Look for an upcoming mastermind seminar hosted by Tom at CyberTECH.

Company Video: The John Maxwell Team

TOM KERESZTI is located within NEST at X-Hive, the newly-opened CoWork space at 1855 First Avenue, Suite 201, San Diego, CA 92103.

To inquire about available space, contact Darin Andersen:

  • darin@cyberhivesandiego.org
  • 619-341-4036