The Art of War and Cybersecurity: Trends and Training for your Team


Welcome, everyone. My name is Tom McDonald. I am the CEO of NSI and I appreciate you giving us some time and taking the time to view the webinar we're gonna go through today. So what we're gonna talk about today is how to stay up to date on cybersecurity and cyber threats as a busy CEO. And what I'll attempt to do here is relate this to the teachings from "The Art of War" by Sun Tzu. So as we go through this presentation today I will put together some of the lessons we learned in the book, how it relates to what's going on in today's cyber warfare landscape.

So, reminder, this is the second webinar we've done. So this is a series, we're gonna do one every month. The majority of what we're gonna be talking about is around security. So if you didn't catch the first one the same place that you found this one will have the links set up so you could take a look at that first one as well (watch Part 1 here).

Watch the Free Cybersecurity Awareness Training Video

So our agenda today, we're gonna go through the current state of protection. Talk to you a little bit about what most SMBs face. The many small businesses are largely unprotected. The growing list of threats, the risk, the attacks, being carried out by today's cybercriminals there's a ton of stuff that's gonna go on. Then we'll go into this expanding cybercrime phenomena and I'll talk to you about the somewhat ancient wisdom from Sun Tzu's book, "The Art of War" and how we tie that, how we make that all too relevant to what's going on in today's environment. Then I'll take you through NSI, we'll talk a little bit about who we serve, what we do, and why we do it. We'll then do a recap. We'll go through some closing thoughts and a couple of calls to actions for you. If you wanna take advantage of some of the things we can help you with going forward.

Current State of Cybersecurity and Protection

So let's get right into it. The current state, you know, what is happening today? Today, the battlefield has moved, it's come directly to you. All businesses big and small, you must protect against all the attacks that are going on specifically towards your information and data. These are things that are the most valuable to your business, no matter what businesses that you're in, the information and data is the lifeblood of your organization. If we look back over the last 20 years we spent a tremendous amount of time and money getting ourselves hyperconnected on the internet. It's the ultimate application.

We've created an incredible mesh network. We've worked very hard to get everyone digitally connected all the time. So what does that mean? Employees, customers, training partners. Email connects everybody all the time. Add into that ACH, instant messaging, think about all the ways and all the stuff that is plugged in in running 7 by 24. We created this world. We gave very little consideration to security as we did that. In essence, we've created a super attractive, very large, vulnerable attack surface for bad guys. We have built something that is very easy to compromise.

So thinking about all of these, we have spent a tremendous amount of money and time getting connected, for whatever the reason, there has been a tremendous amount of resistance in spending anything to secure everything that we've put together. And this needs to be fixed, and this is a problem that can't be solved today, it can't be solved tomorrow, but needs to be worked on continuously. 70% percent of attacks are on the SMB.

Two years ago that was not the case. Today, I'm doing this webinar because this is what's happening. Our clients, the clients we serve every day are under attack.

The Expanding Cyber Crime Phenomenon

If you think about it, your information is very attractive to these criminals. There was a quote by Willie Sutton, so Willie Sutton was the bank robber, the famous quote was when they ask Willie "Why are you robbing the banks?" He simply said, "Because that's where the money is." So think about that, it's the same thing that's going on today. These attackers are going after you because that's the easiest place for them to go. That's where the money is.

A couple of quick facts:

  • 41 days before they discover that someone's been in your system or that person attacks your system, it's amazing,
  • 62% of small businesses go out of business six months after the attack.

If you think security is expensive you need to understand how expensive it is not to have it. Think about that. SMBs have not spent a time or money, you guys are vulnerable, you need to know how expensive it is not to have it, $300 million of ransom paid in 2016 and that number is very under-reported. I know for a fact based upon some people I've talked to that there's ransom that's paid that's never reported. I don't know who is reporting, I don't know where you call to say, "Hey, you wanna take down this fact and figure, I just paid a ransom. I just paid 300 bucks to get a copy of my excel files back from some teenager in Croatia." I don't know where that happens. I don't know where they could tell or link this information, that number is probably very understated. And the cost to remediate after a breach averages $32,000 in 2016. That number I think is very accurate if you think about what would happen if you don't pay that or if you can't pay it or if it's some other kind of breach and you need to invest in the time, the money. What people don't realize is how much that cost your business, not just the dollars you have to pay to somebody to help you, but what that really costs to your business.

Backup is not a security mechanism. I can't tell you how many times I hear when I talk to a client and they say to me, "Tom, I'm all set. I have this backup. You put this backup solution and that solves all my problems." The reality is that it does not solve all your problems. Only when you fail to properly secure your business is backup the recovery option. It's a terrible mechanism to declare as a security solution. We'll talk more about this as we go but what you should have in place in front of the backup is your security solution. Backup is only the last chance to recover after everything else has failed.

Ancient Wisdom From Sun Tzu’s Art of War

So five driving forces from "The Art of War" and we're gonna take you through these. Here we go. All warfare is based on deception. So cybersecurity is no exception to this. Today's attackers are deploying modern forms of deception and you need to be able to recognize that, malware, ransomware, phishing attacks, social engineering is going on and they're tricking your users. Their whole purpose is to get into your system, steal something that they can use either against you or against somebody else, encrypt something that you have. Ultimately, they wanna get into your system.

So what does this mean to the small business person? Well, the first thing is you need an effective and intelligent software solution. This is the first driving force, a defense perimeter. A combination of AV, anti-malware, firewall, threat management, this is at a minimum what you need in your enterprise, and listen, this is not simple. It's a complex side of software, it's solutions and you need someone to manage that to help you keep you protected. What we'll talk about later are solutions that we have that can help you detect and isolate threats. You already know these things are out there and they exist you just need to start implementing it, detect and isolate.

So real time, the last thing I wanna talk about this is, this is, you need this in real time or near real time. The criminals don't work Monday through Friday 9:00 to 5:00. This is a 7 by 24 operation. So when they get in you need to know it, you need to know what they were looking at and you need to know that as soon as absolutely possible. So the best way I use this when I talk to clients directly is I talk about Homeland Security. So you don't hear about the attacks. If you don't hear about anything you don't realize all the things that are going on on a day-to-day basis and you lose appreciation for them. So you should know what's going on in your environment, you should pay attention to what's going on in your environment. And the last thing to remember is nothing is a 100% effective. As mentioned before, backup is the last defense, you need backup but you need this direct protection in your frontend.

Victory usually goes to the army who has better-trained officers and men. So, remember this is a people problem. Social behavior is using employees and customers and making them part of his criminal network. I said it here again bad guys are using your people. You need more than great software. You need to make sure your employees are part of the defense. It's a shared responsibility which ultimately means it's your responsibility to make sure you have the most comprehensive coverage possible. That includes end-user training, end-user testing. That means that you can't just rely solely on a piece of software. Your people need to be educated on an ongoing basis and your people need to be tested to see if the education is working.

So what I'd like to show you is here a couple of examples that we'll go through. I've used these examples before. There are a lot more...a s I go through these I'm sure everyone listening to this will have similar things to look at. But just pay attention to what comes into your environment and these are basic things. These aren't even complicated ones. This first one is from Microsoft, it shows you that the name doesn't match the web address. That's a first sign of something to look at. This next one goes through the red flags you should be looking at.

So if you go from the left to right, is this an unexpected and unusual email with an embedded hyperlink? 9 times out 10 you have a sense that something is wrong. I don't understand it though. Clients still click on these and it doesn't make any sense. Look at the Bank of America web address, they have a… they've misspelled America. So, and they do that very specifically because if you look at it quick, you don't realize it's an RNN. You might think quickly that it's an M.

So these are just simple things that people need to be aware of. So you gotta share the responsibility, you gotta make sure your people are aware. Again, you must do training. You must hire somebody to help you do this, you can't do this alone. As the leader in the organization, you have to take responsibility, I keep talking about this. You need to get somebody involved that can help you and you need to work with that person. It's a strategy, it's a people problem, it's social hacking, your employees need training I'm gonna reiterate that. They're confused, the bad guys know how to trick these people so you need to be constantly up to date and keep them posted. You need the software and you need the training.

In the midst of chaos, there is also opportunity. Every day new attacks are created. You can''s not an exaggeration, you can't possibly keep up. People are working on this 7 by 24. And you know the names or the ones you'll hear wanna cry. Everyone's heard they wanna cry but they're smaller scale stuff, they're smaller attacks that happen all the time that don't get the national attention. It's constantly changing. It's almost impossible to keep up. You gotta stay aware, you have to be vigilant and informed. Or you have to have a company doing this for you. It's not a today issue, it's an everyday issue. You can't solve it today, you can't solve it tomorrow, you have to solve it every day over and over and over again, it's an everyday issue.

Here's something to help you get a sense of what we're talking about. What is happening today in the connected world that we live in is at the size and scale of the industrial revolution. The industrial revolution took 75 years to evolve. This is like a 75-day thing that's going on here because of the speed of the technology that we're working. So keeping up to pace is very difficult. Only people that are keeping up the pace with the bad guys are providers that help you secure your systems, because as soon as one issue is resolved another one develops. Think about Equifax, 143 million records stolen that's the working population of the United States, financial records, social security numbers, W2s, as I record this that was about a month ago all of these that happened.

People haven't seen anything, they think they're safe. The reality is you're not. The information that they took is being brokered, it's being traded, people are working on that looking for ways to compromise it, we won't know the full extent in this until a couple of months from now and then it could go on for months and months and months or years and years and years depending on who changes what or who does what. So this is a major issue that's developed and it's just, we'll just, you know, what I mean scratch the surface of what's gonna happen.

Victorious warriors win first then go to war while defeated warriors go to war first and then seek to win. So think about that. This is all about being prepared. As a business leader, you take personal responsibility on this. You educate your people. You get collateral. You work with partners. You need to be consistent. You need to be concise. Security is many things, but the one thing is that it's constantly evolving. So as a business leader you must take responsibility for this. You need a strategy and you need to be prepared.

To know your enemy you must become your enemy. Because the attack surface is so large, the volume of attacks is extraordinary. We are woefully underserved and outflanked by the enemy, you can't fight them alone, you need help. You and your team, if you even have a team, if you have somebody that does IT for you internally. You need help. You don't have the skills needed to combat them. You need a highly skilled person, a highly skilled team. This is not something you can generally find in a small business or an employee so you need to partner. You need to find a provider that does this and that they do this as an ongoing service, not a onetime thing. So someone that understands the enemy better than you and that is an IT, security service provider that could help you. So as a business leader you gotta go get help. You need a highly skilled team that provides protection coverage and understands that enemy better than you do.

NSI Managed IT Services Provider: What We Do and Why We Do It

So that was a pretty interesting way to link "The Art of War" to all the stuff that's going on with security. Hope that you found that helpful. Let me tell you a little bit about NSI, what we do and how we help. So NSI helps you, the small business provider, make more money, spend less money, reduce the risks of losing it, stay compliant and secure. So a lot of stuff we just talked about we help companies do that. What we offer, we like to call it the unique genius, what separates us from the other IT service providers that are out there and what makes our model different and allows us to do provide the service that we like to provide and the way we wanna provide it.

So we answer now, we have real people locally staffed here in beautiful Naugatuck, Connecticut, right outside my door where I'm recording this. We have the full team sitting in that help desk ready to solve the problems you have or prevent the issues so you don't have those problems. We work on it today. So when you call us, when you reach out to us it's an instant situation. You're not gonna wait a week for us to show up onsite. We're gonna fix your issue today. We offer a fixed price all-inclusive solutions. So what that means is when we agree that we're a fit for each other we give you a fixed price, a monthly price, you don't pay anything extra. Everything you need is included in that number so that means all the remote monitoring and management, what we're doing for you from a project basis you know exactly, you could put in an ink into your budget, not in pencil.

Lastly, we provide a standardized solution and security, we forced compliance, so when we come in there to take on your account and provide you the security and the coverage you need we standardized the solution. Not only do we standardize it inside your organization, we get all of our customers standardized across the environment that we service so that it's easier for us to service, it's fast for us to remediate, and we use what is the best practices and what everybody should be doing.

What we do? We provide IT support in real time, we provide virtual CIO service, which is particularly of interest to you, if you're a leader of an organization. If you have questions about technology that go beyond why can't Carol print, why can't Steve get his email on his phone, these are business related technology issues that we can help you with. So reassign your VCIO, they meet with you on a quarterly basis, they can meet with you on a weekly basis. If you need our help we're here to provide it. We can meet with your other technology providers and really anything technology related if you plug it into a wall we can help you with that.

Basic remote monitoring and management that's table stakes, that's what everyone does. We do that as well. Cybersecurity and what we've been talking to you about today that's something that needs to be individualized for each organization. So if you have any questions about that please reach out and talk to us. And then lastly, backup and disaster recovery, that's embedded in our solution so because of the way we offer our solution that if something happens we're gonna come out there or remediate, we don't charge you anything extra. We make sure that you're backed up and you're recoverable so we can get you back up and running in the fastest most efficient way possible.

Industries that we serve. We are a horizontal organization so clients from not-for-profit to professional services, to manufacturing, to the state and local, to healthcare, you name it. If we can get to you, if you're in our GO we're gonna come and service that account. The one thing that we find across all of these is that you value technology and that there's interest in leveraging that to make your company or your organization better.

So these are things that you can do today if you wanna get some help, network assessment, we'll come out there, we'll look at what your environment is, we'll ask you some questions, we'll run a non-evasive tool to get all this information out of your system and that's free. If you need a price quote, you know you need something, if your software has expired, if you need help with a product, if you're ready to buy something and you need a price quote you can call us. We'll take care of that.

And then if you have any questions or you need to get in touch with us today there'll be a link at the end of this presentation where we'll talk to you about how you can get a hold of us, but also we'll get you some information about how you can take a test to see how your technology measures up.

Recap and Closing Thoughts

So running out of breath, we're in the homestretch, next step is closing thoughts. If you think something is wrong, this is directly related to security. If you think something is wrong, call us sooner rather than later. The faster we can get in there the better off it is for you, the sooner we can remediate that damage generally solves a lot of problems.

Sign up for our ongoing security awareness training, it's inexpensive protection for you and your company. The way that works is we test your users, well, first, we educate your users then we test your users, simple inexpensive protection and it's ongoing. So it's every month, we set it up, customize for whatever makes sense for the organization type of business you're in. And then what I talked about earlier, there's gonna be a link at the end of this presentation to see how your technology measures up (click here). I highly recommend you click that, there's a couple of quick questions you go through and it'll be pretty straightforward.

That's it, I appreciate you giving me some time today. Thank you very much for allowing us to talk to you about this. Again, if you need anything or if we could be of help to you in any way, please don't hesitate to reach out.

ct small business guide

About The Author

President of NSI, Tom has been helping small and medium businesses succeed in Connecticut for over 25 years.