Felicia King's guest today is Ken Dwight.
https://qpcsecurity.podbean.com/
Ken Dwight is “The Virus Doctor” – Business consultant and advisor to IT service providers and internal IT at many businesses who have come to him for his training, has his own direct clients. Ken conducts a monthly community meetings for alumni. He provides a list of curated items of current interest for discussion and resources, and has a featured topic which often includes another speaker to provide breadth of perspective. He has been doing this community service for 83 months!
I asked Ken to cover with me some topics that from his perspective don’t get talked about enough.
Business Email Compromise
Also known as CEO fraud. Impersonating a CEO for purposes of wire fraud. We are focused on the technological solutions. There is no technological solution for eliminating BEC.
CEOs must be part of the solution.
Example: Subcontractor to Airbus. Used to dealing with multi-million-dollar wire transfers.
BEC is a large Fortune 500 issue, it scales down to one user environments.
Title companies are a big target.
Retention policies and standards for WHERE to store what kinds of data to make sure that email is not a file server thereby increasing the risk of what data is compromised as part of BEC.
Perfect example of the beginning of an incident response plan or a tabletop exercise. Orgs must define the cost of compromise. That plan needs to be in place long before. It makes a recovery so much more straightforward.
Attackers analyze their victims in tiers. Potential victims $10 - $50mm revenue organizations. Reputational damage, but not big enough to have an adequate cybersecurity budget.
ShadowIT is a problem, which is why you must address it with a CFO-enforced procurement policy.
Proactive management of M365 tenant security configuration is so critical
The security of your tenant is not included in the fee for biz premium or the overall licensing.
How much activity there is, changes, products, services, vendors. Ideal stack, layers, point solutions within that. Revisit that in a period of time like a year.
This is a nice resource for M365 security and BEC.