All posts by Eric Vanderburg

Eric Vanderburg is an author, thought leader, and consultant. He serves as the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin. He is best known for his insight on cybersecurity, privacy, data protection, and storage.Eric is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications.

The wildfire that ripped through California in early October caused tremendous damage and the loss of over 30 lives.  So far this year 8.5 million acres have been burned, and last year 4.8 million acres were destroyed due to wildfires.  The loss of life, property, and our valuable forests is staggering.  However, at the recent Dell IQT Day, solutions were discussed for a variety of modern challenges, and I believe IoT can aid in reducing wildfires. According to the National Park Service, a bureau of the Department of the Interior,…

Continue reading

Cybercriminals use phishing emails with malicious links or attachments to distribute ransomware more than any other method. Their goal is to fool unwitting victims into downloading the nasty, file-encrypting malware so they’ll be forced to pay a ransom in exchange for the decryption key. CSO Magazine last year found that 93% of all phishing emails contain ransomware. To protect yourself and your business, it’s important to know what emails and tricks to avoid. Here’s a look at phishing emails that have commonly used to spread CryptoLocker, CryptoWall, Locky and other notorious…

Continue reading

The WannaCry ransomware attack earlier this year infected more than 230,000 computers in 150 countries within one day of its release. It received a huge amount of media coverage and created widespread concern for ransomware protection. Estimates of the total damages from WannaCry range from several hundred million to $4 billion. About a month later, NotPetya ransomware caused an estimated $300 million in damages. Those estimates are certainly high. But it could have been much worse, if it weren’t for some flaws in the WannaCry and NotPetya code. And you can bet that in…

Continue reading

Defense Federal Acquisition Regulation Supplement (DFARS) clause 225.204-7012 was established in 2015 to protect Controlled Unclassified Information (CUI).  CUI is information that is not classified, but still must be protected.  CUI is important sensitive information that it does not require a security clearance to view. The National Institute of Standards and Technology (NIST) has established special publication 800-171 to provide guidance on how to protect unclassified data in the private sector.  DRARS mandates that organizations that store, process, or transmit information for federal or state agencies including the DOD comply…

Continue reading

Ransomware, the malicious code that holds data hostage, is now a more common threat to businesses than data breaches. It continues to be a thorn in the side of companies large and small, and has enriched many cybercriminals throughout the course of its history. Ransomware targets computers, mobile devices and even machines connected to the Internet of Things. The ransomware we know today is predominantly crypto-ransomware, which encryption technology to hold victims’ data hostage until a ransom is paid. Other types include locker ransomware, which prevents users from accessing their devices; ransomware…

Continue reading

The costs associated with a ransomware attack are often viewed from two dimensions: On one side, there is the ransom demand, and on the other, the cost to recover or recreate data. Neither of these is a complete view because they do not take into account all the ancillary costs. Here’s a quick look at several factors that also add to the cost of dealing with ransomware: Downtime Ransomware frequently results in at least some IT systems downtime, meaning that technology resources necessary for business operations are unavailable. The costs…

Continue reading

Some ransomware are strategically designed to cause as much damage as possible while producing large profits for cybercriminals. And the ransom demands for these Advanced Ransomware Threats (ARTs) far exceed those for a typical ransomware attack. ARTs hold your most valuable assets for ransom and ensure that copies of the data are not available for restoration. There are typically six phases of an ART attack, including: Reconnaissance This process begins with reconnaissance. The attacker reviews information on the company and may even make a list of employees mentioned on the company web…

Continue reading

Linux is an open-source operating system that is very versatile due to the large group of volunteers that maintain and update the popular open-source operating system. There is a broad range of Linux distributions aimed at different purposes and preferences. Some are built for specific tasks such as privacy protection or perimeter defense and a host of options are available for both desktop and server operating systems. Linux has been around for decades, yet it only claims 2.36% of the desktop operating system market share. Linux is much more popular on the…

Continue reading

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets, money, and identify.  Over the last few decades, the industry has moved from an explorative infancy to an integral and vital corporate function. I had the opportunity earlier this month to discuss the evolution of cybersecurity with Dr. Alissa Johnson, CISO at Xerox.  Her perspective on this journey was interesting to me because Alissa Johnson, also known as “Dr. J”, has served in both the public and private sectors.  She has been involved in…

Continue reading

An acquaintance from a younger generation said to me one day, “Don’t you know that privacy is dead?” I was taken aback at his frank assessment, but I replied “Privacy is not dead, but it is under attack, much like many of our other values.  It is like virginity.  Once given away, it cannot be given back, and that is all the more reason to protect it.” Many give their privacy away for daily trifles.  Mail in rebates, product registrations, text coupons, credit requests, SMS updates, and store discount cards…

Continue reading