Cyber Without Insanity - Cybersecurity Without Insanity

The “Cyber Without Insanity” Email

I provide free advice to help you protect your reputation from cyber criminals and your sanity from IT providers..

I send a quick tip each day from Monday to Thursday, and a weekly wrap-up each Friday (which is also available as a podcast).

The email archive is below and you can sign up right here:

What is reasonable security? That depends.

Sam Glynn2022-12-01T07:02:15+00:00December 1st, 2022|Tags: Cyber Through Crappy Graphics, daily, framework, image|

What is reasonable security? That depends. Are you securing a white house or The White House?

Wondering what reasonable cybersecurity looks like? Don’t take my word for it.

Sam Glynn2022-11-30T08:18:54+00:00November 30th, 2022|Tags: daily, framework|

What is reasonable security? Don’t take my word for it!

What has Phil Collins got to do with cybersecurity?

Sam Glynn2022-11-28T10:17:55+00:00November 29th, 2022|Tags: daily, passwords, whathasthisgottodowithcyber|

What has Phil Collins got to do with cybersecurity? It’s all about the password.

Don’t change your password

Sam Glynn2022-11-28T08:09:36+00:00November 28th, 2022|Tags: daily, Multi-Factor Authentication, NIST, password manager, passwords|

You don’t need to change your password every 90 days. You need to change your policy.

Cyber 321: 25th November 2022

Sam Glynn2022-11-25T07:15:24+00:00November 25th, 2022|Tags: cyber321, incident response, phishing, protection, ransomware, software updates|

Cyber 3-2-1: Surveys by INTERPOL, the Bank of England, and by Northwave on the mental impact of an attack. Plus: Anti-virus software is proven to block ransomware. But only if it’s enabled.

What has a chocolate teapot got to do with cybersecurity?

Sam Glynn2022-11-24T05:33:42+00:00November 24th, 2022|Tags: backups, daily, ransomware|

Unless you test your backups, they may be as useful as a chocolate teapot.

Attackers don’t break in. They log in.

Sam Glynn2022-11-23T08:09:12+00:00November 23rd, 2022|Tags: daily, phishing, staff awareness|

Most cyber attackers don’t break into computer systems. They log in using the login credentials of a staff member or trusted contractor.

Prevention is better than cure

Sam Glynn2022-11-23T08:09:36+00:00November 22nd, 2022|Tags: daily, mindset, Multi-Factor Authentication, risk management, staff awareness|

Risk = Likelihood x Impact. Which type should you focus on first?

Risk = Likelihood x Impact

Sam Glynn2022-11-21T09:31:16+00:00November 21st, 2022|Tags: daily, mindset, risk management|

When thinking about how to reduce the RISK of a cyber-attack, it's useful to think about security measures that will reduce the LIKELIHOOD of an attack and those that will reduce the IMPACT.

Cyber 321: 18th November 2022

Sam Glynn2022-11-18T09:00:13+00:00November 18th, 2022|Tags: cost of attacks, cyber321, Multi-Factor Authentication, passwords|

Cyber 3-2-1: What have Howard Hughes and Liverpool FC got to do with cybersecurity? Plus: Health data of 5 million Australians has been leaked on the dark web. And I polish my graphic design skills to explain why passwords are bad and MFA is good. This week’s action is straight from James Clear - Are your struggling due to a lack of information or lack of action?

The MFA Cruise Ship

Sam Glynn2022-11-18T07:07:11+00:00November 17th, 2022|Tags: Cyber Through Crappy Graphics, daily, image, Multi-Factor Authentication, password|

Securing your system with Multi-Factor Authentication (MFA) is like using a cruise ship to navigate shark-infested waters.

The Password Dinghy

Sam Glynn2022-11-17T10:55:20+00:00November 16th, 2022|Tags: Cyber Through Crappy Graphics, daily, image, Multi-Factor Authentication, passwords|

Securing your system with just a password is like using a dinghy to navigate shark-infested waters.

Cyber 321: 11th November 2022

Sam Glynn2022-11-10T21:16:20+00:00November 11th, 2022|Tags: cost of attacks, cyber insurance, cyber321, Multi-Factor Authentication, phishing, software updates, staff awareness|

Cyber Sanity: “It will never happen” is a bold claim. “It will _probably_ never happen” is a more realistic and achievable position. Plus: LinkedIn, the ICO, and comedy gold from Seinfeld.

Cyber 321: 4th November 2022

Sam Glynn2022-10-26T14:50:57+01:00November 4th, 2022|Tags: cyber321, passwordless, passwords, ransomware, risk management, software updates|

Cyber 3-2-1: Don’t worry about zero-days. Don’t worry about passwords. Don’t worry about your code (if you’re a software company). This week’s action: Do you share the concerns of 48% of Board-level cyber experts?

Cyber 321: 28th October 2022

Sam Glynn2022-10-28T08:23:45+01:00October 28th, 2022|Tags: cost of attacks, cyber321, phishing, ransomware, staff awareness|

Cyber 3-2-1: Pig butchering, LinkedIn profile culls, and law firm cyber. This week’s action: Are you prepared to bet your professional reputation on one decision?

Cyber 321: 21st October 2022

Sam Glynn2022-10-21T09:18:30+01:00October 21st, 2022|Tags: cryptocurrency, cyber321, Multi-Factor Authentication, phishing, ransomware, staff awareness|

Cyber 3-2-1: How a 15 year old stole $24m. Don’t worry about deepfakes - Worry about phishing emails. And it’s not impossible to defend against ransomware attacks. This week’s action: Don’t trust your phone company with your house keys.

Cyber 321: 14th October 2022

Sam Glynn2022-10-18T09:14:02+01:00October 14th, 2022|Tags: backups, cyber321, Multi-Factor Authentication, passwords, phishing, ransomware, software updates, staff awareness|

Cyber 3-2-1: What has the HSE cyber-attack got to do with skyscrapers? How hackable are you? And is it ever a bad time to watch Face/off? This week’s action: If you work for yourself and have concerns about a cyber attack, I may have a solution for you.

Cyber 321: 7th October 2022

Sam Glynn2022-10-07T07:30:22+01:00October 7th, 2022|Tags: backups, business continuity, cyber321, incident response, Multi-Factor Authentication, passwords, payment fraud, phishing, ransomware, risk management, software updates, staff awareness, supply chain risk, third party risk management|

Cyber 3-2-1: This month and last month, Ireland’s police, government and national cybersecurity agency have warned SMEs about the ever-increasing threat of cyber attacks. And yet executives and boards will continue to deliberately ignore this risk until their valuables have been stolen. This week’s action: You are choosing your own adventure. Make sure you are comfortable with your choice.

Cyber 321: 30th September 2022

Sam Glynn2022-09-30T09:05:50+01:00September 30th, 2022|Tags: cyber321, incident response|

Cyber 3-2-1: It’s a very short edition this week due to a family bereavement. And it’s this bereavement that forms the basis of this week’s actions.

Cyber 321: 23rd September 2022

Sam Glynn2022-09-22T08:51:52+01:00September 23rd, 2022|Tags: cost of attacks, cyber insurance, cyber321, data protection, Multi-Factor Authentication, passwords, payment fraud, phishing, ransomware, staff awareness, website|

Cyber 3-2-1: 58% of cyber incidents start with a phishing email. Plus: North Face, LastPass, and Uber: 3 breaches; many lessons. This week’s action: On the internet, we’re all Capricorns.

Sign up for the Cyber Without Insanity Email

Quick, daily tips that protect your reputation from cyber criminals and your sanity from IT providers.

Not sure? You can read my email archive here.