The Ever Present Now

 

This week I had the privilege of spending some time with one of my very long-term friends who is truly a very good person and tragically, in the late stages of cancer.   While his time may be coming sooner than the rest of us, it was very much a sobering event in my life.  Admittedly, while I am certain I am not the first person to experience this, for me it made for a tough day.

As we were talking, I asked him what he misses in his life right now and he took the moment to share.   He misses driving for himself, he misses the chance to play golf, and then he said he misses his grandchildren.  I paused and asked “But, you get to see your grand kids right now – yes?”  His answer was telling, as he went on to say, “I am going to miss the chance to see them grow up.”   Then he paused, looked at me and said: “I guess what I am really saying in a more nuanced way is that I am going to miss the time I thought I would have.”   We chatted a bit more,  then it was time for me to go and we parted with a few tears and a genuine sense of love shared between us.

The Insight.

As I was thinking about my visit, it seemed that he left me with an important question.   I can live in the past, focus on my future, but how much time do I really spend in the present sharing what I think right now with those I love?

There is a popular Chinese proverb that says: “The best time to plant a tree was 20 years ago. The second-best time is now.”  So, I took it to heart and called my family, close friends and told them what they mean to me and that I love them.   After all, what was I waiting for?   I thank my friend for this gift, for he took some of that precious time he had, shared some of his wisdom to make me and the world a better place.

So, I made the leap to how this might apply to my current efforts in working with my customers.

What are you waiting for?  The threats in our world are real and present.  The time to make your personal and corporate security happen is today.   We at Cog Systems have some ideas and would gladly share them with you to help make your connected devices more secure.  We even have some products you can buy today that will bring that added protection that you know you need.

Plant a Tree Today.

In short, plant your tree now by investing to make yourself and your company a more secure environment.

Personal Note.

Oh, and if you will allow, pick up the phone and call that person that means so much to you and tell them directly why they are so valuable and that you love them.   You will never regret it.

Katy, Bar the Door!

 

You lock your front door, right?   Do you also lock the back door?   What about your windows?   Well – duh – of course you do, common sense requires you at least do the basics to protect your home and family.

So, back to Katy.   Did you know the phrase “Katy, Bar the Door’ goes back to 1437 with the Scottish King James I?   Turns out the King was in Perth and a few of his more discontented subjects wanted to have a word.  Tragically, the room that King James was in had a door that was missing a locking bar.  The story goes that Catherine Barlass tried to save him by barring the door with her arm. Her arm was broken, and the mob murdered the King. Hence, the term the ‘lass that barred the door‘ was born and commemorated in Dante Gabriel Rossetti’s poem The King’s Tragedy in 1881.

In this case, we treat VPNs as the lock for the front door of our connected devices.  But, what about the back door, or your windows?  Remember there is always an angry mob coming for your device.

So, “Katy bar the front door, the back door, and the windows!”   This is an overly simple analogy for leveraging defense in depth – just in case someone tries to breach one of your many entry points.  You sure do not want your laptop to suffer the same fate as the Scottish King.

Use your VPN, but then add a Protocol Break, and a Firewall.  Now we have protected three potential threat vectors to your connected device.   Is this enough?  No, but what do you think your insurance agent might say if you failed to only lock your front door?  Heck, what would Katy say?

Aegis Secure is now making a world class Enhanced Retransmission device (ERD) to give you a way to lock the back door and windows as part of your Defense in Depth protection for your connected devices (a VPN is the front door).   In collaboration with Cog Systems, Aegis Secure is now offering a commercial ERD that gives you a Firewall & Protocol Break through a simple 2” square device you tether to your connected devices to bring these added security features to your end user device.

Aegis Secure helps you bar the doors and windows, in partnership with your VPN.

In honor of Katy, let Aegis Secure help you bar the doors and windows.  Ping www.aegis51.com to help you realize Defense in Depth for yourself and everyone in your company.

The Cybersecurity Cake

Defense in Depth is as synonymous to cybersecurity as frosting is to cake.

So, indulge me. It is your birthday, good on you for making it another year around the sun and to celebrate most folks would normally hope for a cake. If it is my house, you even get to pick what type of cake you want to help celebrate your special day. Now, it is the big day with your family and friends and out comes your celebratory dessert – a sheet cake. Be honest, you are still glad to get a cake (better than a bag of Twizzlers) but a sheet cake?

Yes, you are disappointed because if you are truly honest you were hoping for a layer cake. A robust three-layer cake with candles on top burning bright. Why the three-layer cake? The extra frosting protecting the three layers of stupendously tasty cake in between make all the difference. This is the difference between simply meeting the requirement and exceeding it.

So, if we stretch this overly simplistic analogy to your organization’s cybersecurity approach for your connected devices – a VPN is the sheet cake. A sheet cake should not be the extent of the cybersecurity approach for your employee’s connected devices (Mobile, Tablet, Laptop).

Defense in Depth is a layer cake. You deserve a layer cake. The world demands it for the protection of your privacy and critical data.

Let’s add some layers to your Defense in Depth approach for your connected devices. The VPN is the bottom layer, a Firewall is the middle layer, and a Protocol Break is the top layer. Now wrap it in an easy to configure admin/ user interface for frosting and you have delivered on the promise. You deserve it.

Aegis Secure

To meet this need, Aegis Secure is now making a world class Enhanced Retransmission device (ERD) to give you the top two layers to your Defense in Depth protection for your connected devices. In collaboration with Cog Systems, Aegis Secure is now offering a commercial ERD that gives you those added layers (Firewall & Protocol Break) with a simple device you tether to your connected devices to bring these added security features local to the end user.

You deserve it, you need it, and if you are honest with yourself – you want it.  You want the Enhanced Retransmission Device for your connected devices. Just like you want a layer cake for your big day.

Happy Birthday.

Ping Aegis Secure to get your Layer Cake and realize Defense in Depth for yourself and everyone in your company.

“Your Money or Your Life”

 
The saying, “Your Money or Your Life,” comes from the dreaded Highwaymen who were “as common as crows” between 1650 to 1800 in rural England. Travel was already hazardous due to the absence of decent roads and a lack of general rule of law. No one rode alone without fear of being robbed. In fact, travelers often wrote their wills before hitting the road.

 

Your phone is your life.

Not only when you consider all the time you spend on your phone (about 4.5 hours a day), but all the things that you keep in it. Think about it – 1) how would you call anyone since you have not memorized a number in a decade? 2) add all your banking, health, work, and social information; and then 3) it is now your electronic ID/ primary authenticator among everything else. What would you do if your phone disappeared? Is it the end of your life as you know it?

 

The 21st Century Highwayman.

Bring up ransomware and everyone knows what you are talking about thanks to the 21st Century Highwaymen who are shutting down hospitals, factories, power plants, and banks. Only your imagination limits what they attack next – and your phone is on that list.

 

It Happened, Now What?.

The dreaded ‘YMCA’ Ransomware attack has hit your mobile phone. It locks the phone, and it plays an un-ending loop of ‘YMCA’ by the Village People. Sure, ‘YMCA’ is fine in small doses – but not endlessly. You can make it stop – just pay the Highwayman!! Your ransom? Send $1,500 in Bitcoin to some random account. After all, it’s “your money or your life.”

Hold on, you say. This is not my fault! It is the hardware, an app, or the carrier allowing the bad bits get to me! The Highwaymen are not stupid, and the Highwaymen undertake rolling attacks of the ‘YMCA’ ransomware – hitting random manufacturers in dispersed geographic regions to keep the problem on the user. None of the hardware, app or carrier players are going to pay your ransom, but they will pay dearly in brand damage for failing to even attempt to prevent attacks with tools adoptable today from the folks at Cog Systems. Not to be cynical, but why would you even ask for help from the hardware, app and carrier providers?

No insurance exists for the attack of the ‘YMCA’ ransomware – it is on you. But at least you have a choice: 1) Pay the ransom ($1,500); or 2) Buy a new phone ($1,200) and then reinstall and configure your apps.

“The more things change, the more they stay the same.” Who would have thought that an aphorism by Jean-Baptiste Alphonse Karr from 1850 would still carry so much relevance today? The dreaded Highwayman to the ‘YMCA’ Ransomware attack separated by just 200 years.

The ‘YMCA’ Ransomware attack is coming.

Did you write your will?

Better Living through a Protocol Break

Protocol is the standard set of rules that allow all of us to communicate with each other using the proper procedure for conduct. Not that protocols do not change over time, or that they may be different by culture, but they do establish the norms for a safe and secure method for all of us to get along.

However, if you will allow, let me propose the counter-intuitive argument. Breaking protocol can lead to better living in one area – Ultra-Secure Mobility™.

As we look to how data is transmitted over a network, of course, it is governed by Protocol. This Protocol is a set of communication agreements, which ensure that as long as both sides of a communication channel adhere to it, the data gets delivered correctly. This protocol does two primary things: 1) that the data gets routed in the right direction; and 2) that it is chopped into parts where needed and reassembled again where possible. These protocols can also govern some other very complicated things like compression, tunneling, load balancing, authentication, caching, spooling, and all kinds of things to make the communication go smoothly.

However, these Protocols only work under the condition that both sides are cooperative. Security attackers leverage this ‘trust’ by not being cooperative for the express purpose of working to find an attack vector.

There is an answer. Introduce a Protocol Break.

A protocol break consists of two components that sit between the sender (upstream) and the receiver(downstream) of a message. The first component is a “catcher”, which, while adhering to the protocol, strips all traffic control data from the data it receives, and keeps only the payload data. The second component is a “thrower”. The thrower does the opposite: it takes bare payload data and sends the payload to another system by means of a chosen new protocol. To do this successfully, the thrower does all the complicated things that are necessary to adhere to this new Protocol specification.

For example, in a “protecting secrets” scenario it can generally be assumed that the attacker has access to the upstream network. From the upstream network, the attacker could attack the downstream network by abusing a design flaw in one of the systems on the downstream network. Though the attack may still cause harm in terms of availability on the downstream network, the Protocol Break effectively cuts out those attack vectors which live in the traffic control data from getting downstream.

In our view, Better Living through a Protocol Break can be achieved for the broader market – especially for IoT or Connected Devices.

At Cog Systems, we build solution that rely on a defense-in-depth resilience that includes an architecture that is layered, isolated, and modular, with commercial off-the-shelf hardware and software.