Ransomware, Phishing and Fraud

Cybersecurity isn't just a concern for large corporations. It's
vital for businesses of all sizes. It's essential for companies
to know how to protect sensitive data, restore from backups, and
regularly test their systems with internal pen tests to keep
their teams safe. Today's guest is Bryce Austin. Bryce is the CEO
of TCE Strategy, a cybersecurity advisory firm. They provide
vulnerability scans, penetration tests, fractional CISO services,
and incident response services. He is also a professional speaker
on ransomware. Bryce is the fractional CISO to many companies,
including one on the S&P 500.


We talk about the key aspects of cybersecurity for businesses,
and how to be proactive with patching, training and strong
password management. He shares his experiences with major cyber
incidents including ransomware, phishing and the Target breach,
and how defense in depth, backups and financial controls are key.
Bryce also mentioned the use of password managers, regular
vulnerability scanning and external monitoring to increase cyber
resilience. We share practical tips for all businesses to protect
against ever changing cyber threats.
Show Notes:

[00:59] Bryce started TCE Strategy in 2016. It's their goal
to keep their clients one step ahead of cybercriminal risk.

[01:32] He has a degree in chemistry. Technology was just for
fun. He ended up working in the payroll space which was ripe for
cyber security concerns.

[03:00] He was really pushing cybersecurity and then their
company was purchased by Wells Fargo. It ended up being amazing
training for starting his own cybersecurity business.

[05:24] Bryce shares how he was affected by the Target
security breach. He ended up unemployed and was deeply affected
by food stamp requirements for his family. 

[07:34] He wanted to make sure he would never go through this
again and started his company.

[08:19] His public speaking began in 2011.

[09:17] He was indirectly affected by the Target breach, and
he also shares his indirect personal one.

[12:59] Bryce was actually spearfished in 2018.

[14:36] Incident response is when something happens from a
cybersecurity standpoint and damage has occurred. Oftentimes data
is encrypted. This is a ransomware attack.

[17:18] Bryce tells the story about how a hotel was hacked
and a large payment was able to be intercepted.

[18:31] Phishing attacks are where someone clicks on a bad
link.

[20:38] His biggest Christmas gift was none of his clients
getting hacked.

[21:05] They also had a ransom demand where they had to pay a
million dollars.

[23:02] If they would have been looking harder this wouldn't
have happened.

[26:26] Issues with hooking up to the Internet and having
default passwords.

[28:07] Why it's impractical to make ransomware illegal.

[31:12] Even criminals have a reputation to uphold and
usually hand over the encryption key.

[33:56] Bryce talks about some of the preventative things
that people can do. 

[34:47] Be proactive and have diligent patching.

[35:37] Don't use the same passwords over and over. Use a
password keeper. 

[36:54] Have offline backups.

[38:09] Follow all processes and procedures when moving
money. Use unique passwords.

[39:27] It's important to encrypt your backups.



Thanks for joining us on Easy Prey. Be sure to subscribe to
our podcast on iTunes and leave a nice review. 
Links and Resources:

Podcast Web Page

Facebook Page

whatismyipaddress.com

Easy Prey on Instagram

Easy Prey on Twitter

Easy Prey on LinkedIn

Easy Prey on YouTube

Easy Prey on Pinterest

Bryce Austin

(612) 730-9897.

Bryce Austin on LinkedIn