Welcome back to the TCE Strategy monthly technology and cybersecurity newsletter! The mission of this publication is to cut through the clutter of cybersecurity news stories and provide you with the most important, relevant and actionable cybersecurity information.
If this newsletter adds value, fantastic! That is the goal. Please forward it on to friends/colleagues. If not, no hard feelings. Please look to the bottom for an easy to click "unsubscribe" button.
Season’s greetings everyone! This has been a wild month in cybersecurity, so let’s get right to it.
Last month I wrote that “cryptocurrency exchanges are under siege, both by cybercriminals and by shady leaders that do foolish things.” This was in regards to the collapse of cryptocurrency bank FTX. In a not surprising update, Sam Bankman-Fried, former head of FTX was arrested in the Bahamas on Dec 12th at the request of the US government. Because the Bahamas and the USA have an MLAT (Mutual Legal Assistance Treaty), he will likely be extradited to the USA soon, although he intends to fight that. To be honest, I’m surprised that he didn’t move himself to a non-MLAT country to see how this was going to play out. My prediction is as follows: he will lose his fight against extradition. He will either face civil and criminal charges in the USA or will flee and spend the rest of his life on the run (although he is in jail at the moment). His name will go down in history next to Bernie Madoff, Tom Petters and perhaps even the great Charles Ponzi himself. New cryptocurrency debacles may be called Samgates or SBFgates. No matter how this plays out, a lot of people have lost a lot of money.
In other news, it is critically important to pick 3rd party providers very carefully, the same way that Uber and the Belgian city of Antwerp didn’t. If a 3rd party has access to your data or your network, their breach is your breach. Vetting 3rd party providers is a service that TCE Strategy can help you with.
This month it is particularly important to patch, well, everything. Microsoft, Apple, Firefox, and others have all issued critical patches, including some that are already being actively exploited. Setting all devices in your life to autopatch is a very good idea. Rebooting your computer(s) at least once a week is a very good idea. Patch early, patch often.
Until next month, stay safe!
Upcoming Speaking Events
Live events are back in action! Here is a list of the cities that I will be in for 2022/2023. Please feel free to reach out if you have an event in mind.
January 17th-20th, Fort Meyers, FL
February 22nd-24th, Ames, IA
March 7th-8th, San Diego, CA
March 13th-15th, Salt Lake City, UT
May 29th-June 2nd, Las Vegas, NV
July 14th-18th, Orlando, FL
August 6th-20th, Honolulu, HI
I need a better definition of the word "mandatory" to interpret this article. Laws do not change behavior. Laws + enforcement of those laws + sufficient penalties for breaking those laws = a change in behavior.
Cybersecurity Tip of the Month
The holiday season brings a million things that demand our attention—events, activities, shopping, and much more. It’s enough to make anyone’s head spin!
So for this month’s tip, make sure you have the cybersecurity basics in place: secure your passwords, use multi-factor authentication wherever possible, and set your devices to auto-patch.
And then, maybe for a time, give yourself permission to log off and be a little more present with the people and the world around you.