We've spent the last 3 weeks breaking down the formula in significant detail: using industry standards, protect your technology, protect your data, and protect your people. That will get you to about 97% secure. But... what about that last 3%? What if you do everything right and STILL get attacked? How do you survive a full-blown cyber incident?

Today we interview the great Robert Cioffi and learn exactly what he did when everyone's worst business nightmare came knocking on his door.

My #1 key takeaway: CULTURE. Retreat to your war room and dig deep on your company core values. Who are you as an organization? Let that be your #1 guide when rubber hits the road.

Takeaway #2: community. "No matter how brilliant you are, there’s always something to learn." Get involved in your local community and your industry's community.

Takeaway #3: “You really need to be following some sort of framework”. This is what we talk about week after week when we suggest following industry standards and best practices. There are dozens of frameworks out there. Some are required by government regulation (PCI, HIPAA, NIST, CMMC, etc.). Others, like CIS, are designed to be self-regulated. Follow the ones that best suit your business model.

In his book "Future Crimes", Marc Goodman said something that has been burned in my brain for years:
“If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology. Cybersecurity is a people problem, not just a technical one.”

What's the #1 threat to your organization? IT'S US! WE ARE THE PROBLEM!

The truth is, we can follow every standard, control, and best practice under the sun, but all it takes is a careless or uninformed click or tap and it's game over. So, if people are the problem, what is the solution?

• Proper tools
• Education
• Policies and procedures
• Culture

While this might be part 3 of our miniseries, treat yourself to an invaluable discussion of the #1 best thing you can possibly do to protect your business: take care of your people!

Data backup used to be simple: a tape drive on the server and you're good to go! Now data lives everywhere. Taming this beast can be a challenge to say the least. Here's a quick-start guide:

1. Go through each department and major function in your business (BizDev, Operations, Finance, HR, etc.)
2. Identify the technology used for each
3. Make a note of where the associated data is stored
4. Create a plan for backing it up and testing the process

Most important: review this process regularly because things change!

For Cybersecurity Awareness Month, we decided to do something special. So over the next 3 weeks we will deep-dive on each of these areas and give you a list of what needs to be done, as well as how you can verify that it’s implemented. This week: Protect Your Technology

In today’s episode, we are going to answer the burning question I know you all have: “What in the hell is the Dark Web?” Spoiler alert, we talk about the tame stuff on here. It is a vile place to hang out. That said, our breach breakdown of the week is 23andMe. This is old news, but the proposed settlement is happening now. … Then, as always, we’ll wrap it up with the formula to protect your business from Boris Grishenko.

In today’s episode, we are going to talk about how to spot a phishing email (and how to get your whole company to do the same), dive into a $5 Million lawsuit for not paying the ransom, and as always, wrap it up with the formula to protect your business from Boris Grishenko.

In today’s episode, we are going to talk about how to make sure ALL of your critical data is backed up, we’ll break down 2 specific security events that sent over a quarter million dollars up in smoke, and as always, wrap it up with the formula to protect your business from the likes of Boris Grishenko.

In this week's episode, we help business owners get proper cyber security insurance coverage, and make sure it’s paid in an emergency.