Skip to main content

Maverick Cyber Security Newsletters


February 2019 - Comprehensive Guide to Security Awareness:

Kick the year off with a comprehensive overview of how to prioritize security awareness in your life, both personally and professionally. This guide digs into the specifics of what it means to be a strong human firewall, and why we place so much value on things like strong password practices and following policy.

  1. Humans that attempt to leverage emotions and trust against other humans are known as what? (social engineers)
  2. To make password management easier in your personal life, you should get one of these. (password manager)
  3. If your boss sends you a request to wire money or send sensitive info to someone, you should treat that request with a healthy degree of what? (skepticism)
  4. Circumventing ____ undermines our security efforts and could compromise the entire organization. (policy)
  5. Avoid connecting to public WiFi networks without the use of this. (a VPN or virtual private network)

2017-2018 Fiscal Year Archives:

January 2019 - Current State of Mobile:  Today, mobile refers to a massive web of connected devices (the Internet of Things, or IoT). It isn’t about simply having access while on-the-go. It’s about having control of nearly everything from the convenience of a smart device that fits in your pocket or straps to your wrist.  Unfortunately, lost in this world of smart connections is the prioritization of security. New technology rarely comes stocked with features that improve resistance to cybercrime. Quite the opposite, in fact.

In this issue, we address the current state of mobile and subsequent concerns of both professional and personal security. We cover how to secure mobile devices, discuss the price of convenience, and lay out a field guide to help keep remote workers safe. 

  1. To display the full URL of a link on a mobile device, you can do this. (long-press or press and hold the link)
  2. These two things need to be changed immediately after booting up new devices. (Username and password)
  3. Never connect to public WiFi without using this. (a VPN or virtual private network)
  4. You can avoid automatically connecting to a spoofed network by disabling what? (auto-connect)
  5. Social engineers sometimes leave these laying around in busy areas with hopes that someone will find and access them. (USB flash drives)

2018-2019 Fiscal Year Archives:

December 2018 - Getting Phished:  From advance-fee scams to spoofed email addresses, phishing has long been the go-to attack in the social engineer’s playbook. In this month’s issue, we cover why phishing works via a real-life example, and highlight the obvious signs of an attack with a phishing identification checklist. From there, we cover the perils of ransomware attacks, which have surged in 2018, and wrap things up by illustrating how organizations can defend against the ever-dangerous Advanced Persistent Threats.

  1. Name three signs of a phishing email. (Bad grammar/spelling, unrealistic offers, threatening language, a sense of urgency, unexpected attachment, a call-to-action, unrecognizable address)
  2. True or False: if an email comes from someone you know, there’s no way it’s a phishing attack. (False)
  3. With one wrong click, this type of attack could lock up our entire organization’s networks. (Ransomware)
  4. Never allowing someone else to use your credentials for any reason is an example of what? (Respecting privileged access)
  5. By always doing this, you help strengthen our organization’s security posture and prevent unnecessary risks. (Following policy)

November 2018 - Incident Response. How much damage can a security incident cause in one minute? How much damage can that same security incident cause if left unreported for one hour? Is that 60 times the potential damage? Or what about one day or even a week or longer?

Incident response is a vital part of mitigating the damage caused by security events and preventing similar events in the future. Users need to know when and how to report any incidents they may encounter in their daily routines. This month’s issue focuses on that issue and highlights the importance of incident response as matter of policy.

  1. One of the top ways to prevent future incidents is by doing this. (reporting incidents ASAP)
  2. Name at least two types of incidents to report immediately. (phishing emails, vishing, random USB drives, unfamiliar person)
  3. Every person must always do this in order to keep our organization secure. (Follow policy)
  4. Social engineers have been known to plant these hoping someone will find and access them. (USB drives)
  5. Individuals who fail to follow policy are known as what? (Insider threats)

October 2018 - Identification and Authentication.  Passwords have been around for centuries… ever since humans felt the need to password-protect something (the right to enter or pass, for example). Fast-forward to today and the need for strong identification and authentication is more important than ever. Access to nearly every part of our online lives is protected by nothing more than a username and a string of characters. The strength and uniqueness of those characters is all that stands between cybercriminals and sensitive data.

With that in mind, this month’s issue focuses on the importance of strong passwords, addresses the concerns with standard password practices, and analyzes updated password guidelines.

  1. Find the piece of expert password advice that rhymes. (Longer is stronger)
  2. Name at least two types of privileged accounts. (local admin, application, privileged user, domain admin)
  3. Name at least one thing that you can do to respect privileged access. (Respect the access you’ve been granted. Use common sense and think before you click. Remember that physical security is an important part of information security.)
  4. Provide an example of a good password following the new NIST guidelines. (Answers will vary, but should be something along the lines of: thedogwantstoplayfetch)
  5. What do experts advise you use on personal devices and at home for better password security? (A password manager)

September 2018 - The Human Side of Security.  There is no shortage of technical solutions for defending organizations against cyber threats. A quick internet search yields many options for threat detection, threat prevention, and a variety of other services aimed at keeping data secure. But security, at its core, is a people process.  People create strong passwords. People use common sense to avoid falling for phishing scams. People develop security software to help defend other people (from people). Focusing on the human elements of cybersecurity, from both an end-user and cybercriminal perspective, makes it easier to understand what end-users are up against daily, and also gives a face to a complex topic that many think is highly technical.

  1. People that use strong situational awareness and common sense to prevent security incidents are known as what? (Human Firewalls)
  2. _______________ is the art of manipulating or deceiving individuals to gain unauthorized access, both physical and digital. (Social Engineering)
  3. This type of phishing attack targets specific people and organizations. (Spear Phishing)
  4. Organizations hire ___________ to break into their networks and buildings and expose flaws. (Penetration Testers)
  5. What does BEC stand for? (Business Email Compromise)

2017-2018 Fiscal Year Archives:

August 2018 - The Rule of Three.  The number three surrounds us. We find it in mathematics and science. Only three primary colors are needed to mix most other colors (red, yellow, blue). The three-act structure is the predominant model used in screenwriting (the setup, the confrontation, the resolution).

This aptly named “Rule of Three” represents a big part of how we think, make sense of, and cluster information. In this month’s issue, we highlight that core human trait to demonstrate how triads help people understand and visualize security awareness.

  1. What does CIA stand for? (Confidentiality, Integrity, Availability)
  2. Personal, Professional, and Mobile combine to make this security triad. (Many Lives Triad)
  3. What are the three elements of the Domains Triad? (Cyber, Physical, People)
  4. Every organization needs to consider these three fundamental components when creating a successful culture of security. (Processes, People, and Technology)
  5. You receive a text message warning you that your bank account has been locked due to fraudulent activity and instructs you to click on a link to fix it. his is likely an example what kind of social engineering attack? (Smishing or SMS Phishing)

July 2018 - All about Social Media.  The social media explosion over the last several years has created a cultural phenomenon where seemingly everything is documented. From dating apps to neighborhood watch groups, information has never been more accessible, nor has its life cycle been so infinite. What happens on the internet, stays on the internet.

Social media can be fun and friendly but the darker side employs scams, fake news, fake friends, bullying, harassment and countless other risks. In this issue, we cover how organizations and individuals can defend themselves against the unsocial aspects of social media.

  1. This common scam involves fake pages offering bogus promotions or free products in exchange for a like or a share. (Like-farming)
  2. A software program that creates, stores, and syncs passwords across multiple devices is known as what? (Password manager)
  3. This security setting requires an additional code or pin which is typically sent to you via email or text. (Multi-factor or two-factor authentication)
  4. Using you fingerprint to unlock your smart device is an example of what? (Biometrics)
  5. By the year 2021, how many users are expected to be on social media? (3 billion)

June 2018 - The Cybercrime Issue.  Last year, cybersecurity took center stage not just in boardrooms, but in the media. It’s not just a C-level concern, but something that affects every one of us, at both professional and personal levels. And if the first few months of 2018 are any indication, it’s not slowing down.

In this month’s issue, we focus on the threats and cybercrime that almost every organization faces, including those that come from within. External and insider threats require different kinds of awareness, and both deserve the same level of attention!

  1. When cybercriminals rent or sell their tools or services to less-experienced criminals, it is known as what? (Crime-as-a-Service or CaaS)
  2. To see the full URL of a link, you should always perform this easy function. (Mouseover)
  3. What does GDPR stand for? (General Data Protection Regulation)
  4. When organizations hire a third party to break into their networks it is known as what? (Penetration Testing)
  5. This regulation officially takes effect on May 25, 2018. (GDPR)

May 2018 -   Protecting Sensitive Data. It seems like data breaches are always in the news.  What can you do to protect the University's data as well as your own?  Check out this month's newsletter to learn how to protect your data and privacy when storing, transferring, and even hot to safely destroy the data once it has reached its end of life.

April 2018 -   The Threat Connection.  Cybercriminals target organizations of all shapes and sizes. But we also must contend with insider threats, whether they be accidental or malicious. Ensuring that sensitive information stays safe throughout its lifecycle means assessing our vulnerabilities both internally and externally. In this month’s issue, we analyze the most common threats we face and demonstrate the most common solutions to preventing those threats from compromising our objectives as security aware organization. 

  1. What does APT stand for? (Advance Persistent Threat)
  2. What type of phishing attacks target specific people and organizations? (Spear phishing)
  3. Hiring someone to break into networks and report vulnerabilities is known as what? (Penetration Testing)
  4. Anyone with inside access to our organization is considered to be this type of threat.  (Insider)
  5. These types of attacks take down servers and networks by flooding them with more information than they can handle. (Distributed denial-of-service (or DDoS))

March 2018 -   Getting Comfy with Compliance. Whether you have to follow compliance mandates for work or not, across the globe we are all affected by their rules and regulations. Consider the amount of data you must provide for general services like utilities and health care. Have you ever wondered who has access to that data, or how it’s being protected? The answer to those questions is compliance regulations. From health care to financial entities, regulatory commissions develop and enforce the standards for how organizations are required to protect our sensitive data!

  1. What are the three elements of the CIA Triad? (Confidentiality, Availability, Integrity)
  2. This compliance standard applies to every organization that accesses personal data of EU citizens. (GDPR)
  3. “An organized process of reacting to a potential security incident with the intentions of reducing negative impacts, and preventing future incidents” is the definition of what important security process? (Incident Response)
  4. If you notice a someone who doesn’t have a badge or authorized credentials in a controlled access area, what should you do ASAP? (Report it/them)
  5. Identify, Protect, Detect, Respond, and Recover are the five components of what framework? (NIST Cybersecurity Framework)

February 2018 -   Creating a Security Culture.  Every organization has a unique culture—a shared behavior that shapes the way employees and business partners interact with each other. One of the most important parts of that culture is security awareness. From the way we address external security threats, to the access controls we place on our internal networks, it all works together as on ongoing effort to defend our organization. And we all play a role in improving our culture of security awareness. Find out what that means, how it applies to our professional and personal lives, and what happens when culture is undervalued.   

  1.  Gandhi  once said that “A nation’s culture resides in the hearts and in the soul of its ____.” (people)
  2. Over 145 million individuals had personal information stolen as a result of this massive data breach in 2017. (Equifax)
  3. This company tried to cover up a data breach by paying the cybercriminals a lump sum of cash. (Uber)
  4. What does NCSAM stand for? (National Cyber Security Awareness Month)
  5. In what year did the Association for Computer Security create “Computer Security Day”? (1988)

Janurary 2018 -   Personal, Professional, and Mobile Non-Technical Security:  The potential to have your data or the University's data compromised is real and can happen easier than you think!  Someone trying to get access to the data may be able to without even getting to your computer.  Check out this months newsletter to see how data can be stolen, and how you can prevent it.  

December 2017 - Privacy vs Security. Do you know the difference between privacy and security? Understanding how these two concepts work together, and how they differ, is key to improving our overall defense. From policies and compliance regulations, to using common sense and staying alert, privacy and security have one common goal in mind: guaranteeing the confidentiality, integrity, and available of sensitive data. Achieving that goal is a responsibility we all share!

  1.  People who have been granted access, from sensitive data to controlled rooms and buildings, are considered to be what? (Insider Threats)
  2. When someone moves on from an organization, they must go through this process. (Offboarding)
  3. What does HIPAA stand for? (Health Insurance Portability and Accountability Act)
  4. How many people were impacted by the Equifax data breach? (Over 143 million)
  5. Full names, credit card numbers, and date of birth are examples of what?(PII or personally identifiable information)

November 2017 - Social Engineering and Phishing. Cybersecurity is a human process that social engineers attempt to exploit in many different ways. From phishing to tailgating to dumpster diving, we need to be aware of the threats we face in all three domains (cyber, physical, people). Understanding the psychology of a scam and how cybercriminals target their victims is key to staying secure!

  1. This type of social engineering attack targets specific individuals or companies. (Spear Phishing)
  2. This type of social engineering attack targets senior executives and high-profile individuals. (Whale Phishing)
  3. What does BEC stand for? (Business Email Compromise)
  4. Victor Lustig fraudulently sold this iconic structure… twice. (Eiffel Tower)
  5. This is the practice of developing fabricated scenarios to trick victims into giving up sensitive information. (Pretexting)

October 2017 - Being Smart About Smart Devices  Imagine a world where your refrigerator orders groceries on your behalf, which are then delivered by computer-controlled drones or driverless vehicles. It may sound like science fiction, but in reality, the Internet of Things, or IoT, is already on that path. We live in an age of access and convenience, and it’s only a matter of time before everything we own is connected.

But we need to consider the dangers and consequences of that convenience. With each new device that comes online, a new attack surface presents itself to cybercriminals. Until developers prioritize security over convenience, it’s on the rest of us to upgrade privacy efforts, both at work and at home.

  1. An army of compromised smart devices used to launch DDoS attacks is known as what? (Botnet)
  2. What does DDoS stand for? (distributed denial-of-service)
  3. True or False: Hiding your SSID is a great security feature of routers that we should all utilize. (False)
  4. How many smart devices are projected to be connected by the year 2025? (75 billion)
  5. What’s the name of the malware strain responsible for the largest DDoS attack to date? (Mirai)

September 2017 - The Front Door  It’s often said that passwords are the first line of defense when it comes to information security. But is that still the case? And what does the future hold for identification and authentication? Are biometrics any better?Understanding how we access accounts and how we protect networks and the Internet of Things (IoT) is vital to security. From proper password construction to respecting privileged access, it all works together, and we all play a role. 

  1. What does SNL stand for in regard to passwords?(Symbols, Numbers, Letters)
  2. This software stores and syncs all logins and passwords across multiple devices. (Password Manager)
  3. Fingerprint scanners and facial recognition are both examples of what? (Biometrics)
  4. If you use your credentials to unlock a door, and then hold that door open for someone else, what did you just allow that person to do? (Piggyback)
  5. What are the three common types of insider threats? (Malicious, Accidental, Negligent)

2016-2017 Fiscal Year Archives:

August 2017 - Malware How much is your computer worth? What about your smartphone? Your identity? Everything has a price and cybercriminals are looking to profit. The World Economic Forum estimates that the global cost of cybercrime was $445 billion in 2016. This is big business.

But the stakes are much higher than money. We’ve seen ransomware attacks hit hospitals, putting lives at risk. We’ve seen attacks on critical infrastructure, like power grids and water treatment facilities—things we rely on every single day. Cyber threats become more sophisticated every day. The need for us to be strong human firewalls united in the fight against cybercrime is greater than ever!

  1. According the Verizon Data Breach Investigations Report, what percentage of phishing emails are clicked through? (12 percent)
  2. What does BEC stand for? (Business Email Compromise)
  3. Malicious advertising that cybercriminals run on legit websites is known as what? (Malvertising)
  4. How many mobile malware detections were there in 2016? (18.4 million)
  5. Malicious mobile applications that impersonate legit banking apps and steal account info are known as what? (Banking Trojans)

July 2017 - See Something? Say Something! Security incidents are going to happen, sometimes because of mistakes and sometimes because of things beyond our control. What’s important is how we handle them. If we don’t report them—even those little things that seem unimportant—chances are they’ll happen again. How we handle incidents is just as important as what we do to prevent them! See something? Say something!

  1. What is the most common way malware finds its way onto computers and networks? (Phishing)
  2. This is the telephone equivalent of phishing? (Vishing)
  3. Aside from not clicking on any links or attachments, what should you do if you receive a phishing email? (Report it)
  4. The process of recognizing, identifying and reporting security events is known as what? (Incident Response)
  5. Allowing someone else to use your credentials to gain access is known as what? (Piggybacking)

June 2017 - Safely Sailing the Cyber Seas:  Most of us never think about how much work goes into the way we communicate. When we do consider the greatness of the networks that connect us, we should treat them with respectful caution; respect for the power that flows through the cables, caution for interacting with the people who want to do us wrong. We need to constantly educate ourselves so we can fight back against the crime that travels across those wires and circuits.

  1. What year was the first transatlantic telegraph cable laid?  (1858)
  2. What does the “S” in HTTPS stand for? (Security)
  3. This browser plugin effectively removes popup advertisements.  (AdBlock Plus)
  4. The use of advertising to spread malware is known as what? (Malvertising)
  5. What’s the number for Facebook Customer Service? (There isn’t one.)

May 2017 - The Top Ten Security Practices:  Knowledge is power. And, in this case, that power enables us to protect ourselves, our organizations, our families, and our friends. Check out our collection of top ten lists and see how they can be applied to your everyday life at work, at home, and on the go. Remember that each and every one of us has it in ourselves to be a strong human firewall and combat cybercrime.

  1. 2016 set an all-time high in data breaches with how many records exposed globally? (4 billion)
  2. A cyber thief spoofing the email of a high-level executive and requesting sensitive information is an example of what? (CEO Fraud or Business Email Compromise)
  3. If your Android phone is stolen, you can use this to remote erase your data. (Android Device Manager)
  4. If your iPhone is stolen, you can use this to remote erase your data. (Find My iPhone)
  5. By always doing this, everyone within our organization becomes a security asset and strengthens our resistance to cybercrime. (Following policy.)

April 2017 - The Rule of Three:  We are surrounded by the number three. When arming cyber-aware citizens on the third rock from the sun, we rely on three security triads: The CIA Triad, Domains Triad, and Many Lives Triad lay the foundation of what it means to be secure in every aspect of the ongoing battle against cybercrime.

  1. Which of the three triads is considered to be the pillar of information security? (The CIA Triad)
  2. What should you do with sensitive documents that are no longer needed? (Shred them)
  3. You should never connect to a public network without one of these. (VPN or Virtual Private Network)
  4. What are the three lives of the Many Lives Triad? (Professional, Personal, and Mobile)
  5. What are the three domains of the Domains Triad? (Cyber, Physical, and People)

March 2017 - Become a Human Firewall:  Whether you know it or not, YOU are a human firewall. That is not up for debate. It’s just a matter of how good you are at being one. As a human firewall you have a lot of responsibilities. The good news is that those responsibilities don’t require strong technical or computer skills. They simply require common sense, good decision making, and a commitment to fighting cybercrime!   If everyone does their part, maybe we’ll have a different – more secure – conversation at this same time next year.

February 2017 - Cybercrime Update:  Cyber threats are not going away. Most experts think the Security of Things will get worse before it gets better. Tech companies will continue to release products rife with security flaws, errors or misconfigurations. Cybercriminals will continue to discover new ways to find and steal data and to compromise organizations. We can’t predict what the next new wave of cyber threats will be in 2017, but we can rely on security fundamentals with a proven success rate to minimize their effect.  If everyone does their part, maybe we’ll have a different – more secure – conversation at this same time next year

January 2017 - Common Sense Security:  No piece of information security technology, like biometrics (fingerprint scanners, facial recognition, etc.), is totally secure. There is always a way to enter, bypass, fool or otherwise render security ineffective. At the same time, we can’t just sit around and wait for it to improve, just like we can’t sit around waiting for tech companies to enhance security features, or for governments to regulate tech companies.  As always, security awareness and implementation is a non-technical, human process with an end goal of improving our security behavior. Once we understand the problem, the solution becomes as simple as common sense. Let’s change our habits and become security assets instead of liabilities.

December 2016 - What is PII?:  PII stands for Personally Identifiable Information. But what info is considered PII? And what info isn’t considered PII? Those can be tough questions to answer. PII is any data that can be used to specifically identify an individual. But that’s rather vague and can be confusing. In this issue we will clear up these questions and more.

November 2016 - Horrors of Malware:  Malware is any malicious software, script or code installed on a computer that alters its function in some manner without permission. It might be malicious or it might not be. Malware comes in all shapes and sizes and can go undetected for long periods of time. Like with all things computer security, infections can be prevented by maintaining good cyber hygiene: keep software and firmware up-to-date, use strong passwords, backup data regularly, implement anti-virus and anti-malware software, think before you click, and always follow policy.

October 2016 - Safe Surfing: From our homes to our mobile devices to our computers at work, we are connected, we are surfing. If we’re not doing it safely, we can easily drown in a sea of malware, spyware, viruses and even identity theft. 

September 2016 - Insider Threats and Data Breaches:   E-commerce has taken over the way we do business, which means there’s a lot of sensitive information being exchanged. This opens more doors for criminals. Instead of going after goods and services, they can target our data (and yours) without even leaving home. The worst thing any of us can do is assume we’re not a target.

2015-2016 Fiscal Year Archives:

August 2016 - Mobile in the Cloud: Because of mobile devices and the cloud, we live in a world of constant access. Which means we need to be constantly vigilant to avoid scammers. Do you know what to do if you lose your smartphone? Do you know what data Google collects on you?

July 2016 - The CIA Triad:  The CIA Triad is one part Confidentiality, one part Integrity and one part Availability. As a whole, it is the single most crucial element to protecting sensitive data. Failure at any one level can lead to failure at every level. It’s our duty to not only keep data private, but also make sure it is consistently accurate and accessible for authorized users.

June 2016 - Living a Healthy Cyberlife:  Maintaining a healthy life-style is a challenge even for the best of us. Our busy lives make it difficult to eat right, exercise regularly and get enough sleep. But, when we make a habit out of all of those things, it comes a bit more naturally. In this issue we want to help you achieve a healthy cyberlife by practicing good security habits on a regular basis.

May 2016 - Spam, Scams & Hacking You on Social Media:  Your email, LinkedIn, Facebook, (all social media) and even your text messages can pose potential security threats. With a little security awareness you can learn to identify and avoid such threats by using simple common sense and easy to follow security practices.x

April 2016 - Personal & Home Network Security:  The path to great security awareness doesn’t begin and end at work, you must also be vigilant at home and in your personal lives. In this issue we discuss the steps you can take to protect your home network and PII (personally identifiable information), and what steps can be taken to avoid ransomware.

March 2016 - The Secrets of Data Classification:  Data classification is essential to our everyday lives, both at work and at home. In general, data can be classified into one of four sensitivity levels: public, internal use, regulated and confidential or top secret. Do you know the sensitivity levels of the data you handle at work? How do you handle your personal data at home?

February 2016 - The Three Domains of Security:  People remember things best in groups of three. In this issue, we are exploring in depth the Three Domains Triad, which consists of the Cyber, Physical, and Human domains. Each domain has its own unique security risks that a security savvy person must be aware of and prepared for. As we explore each domain, think of how it can apply to your specific job. Have you ever been phished? Have you ever been social engineered? Did you know what actions to take?

Janurary 2016 - Security Awareness Top 10:  If you could only have one food for the rest of your life, what would it be? What are your three top wishes? What are your Top-10 best security behavior and practices at work and at home?  In this issue, we even take Top-10s further, by introducing the Top-10 of Security Top-10s! The Top-10 Mobile Security tips and tricks. Top-10 ways to protect kids on line. Top-10 Social Media best behaviors... and of course, we will relate all of those common sense activities to work policy and best practices...

December 2015 - Be a Human Firewall:  We may not think about it, but we all need to be human firewalls and understanding just what that entails in our professional and personal lives, might seem complicated or overwhelming. In this newsletter, we take a look at the top concerns of human firewalls both at work and at home. Across all domains; cyber, people and physical, being a strong human firewall is really just about common sense, making good decisions and asking for clarification whenever you are in doubt!

November 2015 - The Social Engineering Issue:  This newsletter adds some context to the most successful attack method ever devised - Social Engineering.  Yes, Social Engineering attacks work because the bad guys attack YOU - the human - and not the technology. We’ll look at Social Engineering throughout history, going back more than three millennia. Then we will find out what a Social Engineer looks like! And today in Hollywood, USA, Social Engineering is embedded into all forms of Pop Culture - from Die Hard to Inception.  Remember, only you can prevent Social Engineering!

October 2015 - The Malware Issue, Catching it, avoiding it, and what to do when you're infected:  The hostile world of malware, viruses, Trojans and more!  Did you know that the majority of successful cyber-attacks include malware? Some people believe that mobile devices are immune from malware, but with Facebook and an endless number of Apps, nothing could be farther from the truth.  Take a look at this engaging issue and see if your 'malware smarts' are up to par!

September 2015 - The A to Z Guide of Security Awareness:  Newsletter about all things security, from A to Z.  What are the 'A-B-C's of security awareness that begin with a 'Z'? What about an 'X'? Or how about the awful Scrabble letter, 'J'?  All it takes is a little bit of awareness and minding your 'P's and 'Q's to notch your security profile!

2014-2015 Fiscal Year Archives:

August 2015 - A deeper look at Nontechnical & Physical Security:  Take a deeper look at nontechnical and physical security in our professional, personal, and mobile security lives. Topics also include, Social Media Sharing, Hotel Bills & Personally Identifiable Information (PII), Dumpster Diving & Garage Door Hacking, No Tech Hacking

July 2015 - The Privacy Issue:  Privacy – defining what is PII, the many different lives of PII, the difference between Privacy versus Security, and how to protect yourself and your family from Identity Theft. BONUS – a full-page compliance chart of compliance standards related to privacy!

June 2015 - The Cloud is Not Yours:  We hear the term used a lot but many still don’t truly understand what is meant by “the cloud.” A simple explanation: the cloud is someone else’s computer. It’s not yours. And that is exactly why there is so much debate about security in the cloud.

May 2015 - Cyber Crime Update:  Review of 2015 network security threats, what are they and how to avoid them.

April 2015 - The Identification & Authentication Issue:  Did you know that passwords are only one small part of identifying yourself to a computer, a network or any online service? Accessing hardware and software resources, also sometimes called  the front door, usually consists of two components: Identification & Authentication, or I&A.

March 2015 - Let's Get Social!, Smart Social Networking:  Properly using social networks and media can be quite complex and the security issues even more so. ‑ The security and privacy settings can change overnight and you never know when a hosting company (ISP, social media platform) might get hacked, violating your personal lives even further.  If this all sounds somewhat dire, your own security awareness can come to the rescue! At least, a good dose of awareness can help you make better choices and be safer while using these social networks.

February 2015 - The Many Lives of Security:  Security in our personal, professional, and mobile lives as newer technology causes overlap in areas that were distinct at one time. This issue also addresses the internet of things, a question and answer section, the importance of policy, comments to contemplate, and more.

January 2015 - End of Year Review: The biggest security issues of 2014 to include top 5 security threats, notable data breaches, critical infrastructure protection, and the use of USB drives and data loss.

December 2014 - Social Engineering, Making Puppets out of All of Us:  The December 2014 newsletter focuses on Social Engineering and introduces 4 new scams currently in play

November 2014 - The Phishing Issue:   Phishing Issue covering the different types of phishing, and realistic phishing email examples that can prove useful at work and at home.

October 2014 - The Mobile Issue:  Focusing on securing our mobile devices and the data that we store on them . Special topics of interest include the iCloud Hack of 2014, exactly what is the “Cloud”, and the basics of Two-Factor. Read up to learn more!

September 2014 - The Identity Theft Issue:   What to do if your're the vicitm of ID Theft.  Identity theft can take many different forms. For example, a criminal might try to log-in to another customer’s account and make transactions without their authorization. Or another might use a stolen credit card number to buy products and services.