The Cyber5 Podcast

Personal Information Exposure Can Lead to Disaster

Episode 54 | September 8, 2021

In episode 54 of The Cyber5, we are joined by Aaron Barr, Piiq Media’s Chief Technology Officer.

We discuss how data breaches are combined with other open source information to paint a more holistic target profile for bad actors. We also discussed the true information anchors and weaponization that can lead to an online attack against someone. Finally, we discussed what executives and individuals can do to protect themselves and how protective intelligence is playing a greater role in physical security.

 

 

Here are the 3 Topics We Cover in This Episode:

1) Common Information Anchors Used to Attack Someone Online:

  1. Connection to an organization indicating that someone is likely a high net-worth individual.
  2. Communication platform for content delivery including email address, social media platform, phone number, etc.
  3. Context for authenticity. The social engineering approach must have the right information about an individual for increased success.

2) Best Practices for Staying Safe on the Internet: 

  1. Keep social media postings about personal information, locations, jobs, education as simple as possible. Be careful not to post pictures with background details that give your location or family profile to potential attackers.
  2. Ensure profile pictures are minimal as those are public regardless if everything else is private.
  3. Password managers should be used for personal accounts.
  4. People should have at least three personal email addresses. Email addresses should be siloed: a) social media accounts b) bank accounts or personal information c) thrown away for rewards, e-commerce, and gifts.

3) Education and Awareness Training Still Important: 

Education to executives and the workforce about simple technology such as the ability to flag suspicious emails that get escalated to the security team still goes a long way in securing the workforce.

Adversary Research
Discovering the methods, motives and identity of threat actors to disrupt attacks 
Reputation Defense
Technical guidance for countering disinformation and slanderous attacks 
Trust & Safety
Intelligence to secure business operations and defend against fraud, abuse and e-crime 
TPRM Exposure
Adversary-centric intelligence to address supplier, M&A and investment risks 
Outside Intel
Research for defending outside the firewall that leverages tier 3 intelligence programs 
Executive Shield
Assessment of threats to key personnel with attribution and PII takedown  
Adversary Insights℠ Retainer
Annual retainers for client-driven inquiries and rapid-response research 
Intelligence Team as a Service
Collaborative engagement providing robust intelligence and tier 3 cyber analysts  
Event-Driven Intel Investigations
Multidimensional security fact-finding that delivers insights into adversary behavior 
On Demand Threat Research
Proactive and preventative investigations that reveal threat actor context and risk correlations 
Investment Zero Touch Diligence℠
Project-based discovery to assess risk for investments, IPO, Mergers and Acquisitions 
TPRM Zero Touch Diligence℠
Subscription assessment of external network hygiene, key personnel, and non-traditional business risks