The talent performances will feature a 15 minutes skit of a day in the life of the youths in their school and what message they would like to deliver to the people about it. This skit will require multiple people of which the applicant will choose 2-3 friends to help in delivering the message. This will mean coordinating rehearsals and planning for the performance.

The rules and conditions of the contest will be posted on the website when it opens.
 
The winners will receive individual prizes as well as their schools.
 
Here are the winning prizes for the top 5 selections:
 
- An iPad
- A Netbook
- A Kindle or Nook
- $500 gift certificate from BestBuy
- $200 gift certificate from Staples
 
Each winner will receive a copy of a book that speaks about teen/youth/community/social development, bullying, online/offline safety/security and leadership values. They will be required to attend our Black Tie Community Youths Awards Dinner Ceremony on Saturday November 13th where they will receive their prizes/awards. They will then move on to hold the title of “Empowered Community/Youth Development Leaders” and join a special team we will continue to work with going forward. Working with these youths will mean being mentors, advisors and support resources for them so they can continue building on their own personal development and be looked up to as leaders and resources in their community and school.
 
Every participating school will receive gifts such as books and technology products from our partners and sponsors.
 
Due to the scope of this competition and it being our first attempt at it, we are limiting it to NY and NJ and once we do this first one the next will be national. I want this to be a look at how we can accomplish this and see any challenges before opening it up to the national scene. The lessons learnt will be critical to the national level’s success. We are starting the promotions and have already started pushing out tweets and Facebook updates about it while we work on the logistics. Building up the momentum and anticipation will get the participating youths in motion for it.

The contest will run for the entire month of September and will end on October 1st of which we will start selecting the winners. The winners will be announced on Monday October 11th via the contests website. The notices of winning and invitations to the awards dinner will then be sent to the winners. The contest will then wrap up on November 13th at the awards dinner.
 
Here is the first tweaser (tweet teaser) we are using for now “SISFI/TITSSN’s “Youths: The impacts of community/school in our lives” Talent/Essay Competition is coming in September. Stay tuned.”
 
More details to come as we finalize this for kickoff in September. We are very excited about this and we hope to get great support for it. Let’s get it started.
 
Thank you very much and have a great day. We apprecilove your patronage and look forward to serving you more.
 
~Brett A. Scudder~
President/Chairman – SISFI – The Scudder’s InfoTech SecuriCity Foundation http://sisfi.org
President/CEO/Chairman/Founder/Security Architect – ~TITSSN ~The IT Security Suite Network~ http://titssn.net
The IT Security Attaché| http://theitsecurityattache.com  | Blogs http://theitsecurityattache.com/blogs
TITSSN’s Technology / IT Security Social Network http://titssn.org

Today at 12 noon, SISFI officially launched its website http://sisfi.org and resources to the general public. We look forward to your patronage and providing the valuable resources needed for technology and IT Security education, awareness, training and development for all. As we embark on this mission, we ask that you take the time to learn more about our foundation and its objectives as we are all affected by the on and offline technology and security, privacy and risks of our every growing and changing global infrastructure.

Strength in numbers, strength in determination, strength in leadership, strength in values, strength in effectiveness, strength in qualities, success in strength.

Please join us as we take on the tasks ahead with an open mind, willing hearts and full schedules. We ask for your support by signing our guestbook and sharing your endorsement.

Thank you very much and have a great day. We apprecilove your patronage and look forward to serving you more.

~Brett A. Scudder~
President/Chairman | SISFI – The Scudder’s InfoTech SecuriCity Foundation | http://sisfi.org

We are getting ready to launch a major Cyberbullying offensive in May are asking for your support in numbers. We want to have a strong unified voice that will echo far and wide, loud and clear, deep and strong with hearts and hands in unity to every heart and mind. This is a people problem that can only be solved by the people if we unite and face the reality of its dark secrets and inner workings of simplicity. It is so easy to put into effect but yet so hard to get rid of or forget and unless/until we open up the lines of communications and call it what it is, we are in for more serious fatalities.

We are all affected by this threat and the only way we can win against it is to unify in a campaign of higher education, awareness and open discussions about the impacts, effects and solutions for it. Even if you don’t know of or about it, even if you have not been affected by it, even if you’re not privy to its darkness, help to bring them to light so we all can help each other overcome it.

We are aiming for at least 500 fans to kick off this initiative on our Facebook fan page http://www.facebook.com/pages/The-Scudders-InfoTech-SecuriCity-Foundation-Inc/106901499345679?ref=mf  so let us spread the word, build on the intensity and start motivating towards this blocking and mitigating this silent killer.

Strength in numbers, strength in the vision, strength through unification, strength in hearts, mind, love, care and concern on this converged global network.

Please join the fight towards this goal with us on Facebook.

Will you join us in vanquishing this inhumane evil?

Thank you very much and have a great day. We apprecilove your support and look forward to serving you more.

~Brett A. Scudder~

The ridiculous notion of our infrastructure being secured by over government or independent entities that limit partnerships and associations to only high levels, is a sure sign of the failure of the systems of security for tomorrow. Until and unless we unite in this fight against these issues and the growing trends by which they are being introduced, we will always be vulnerable by our weakest, untrained and not knowledgeable links (citizens, business, educators, advisors, technologists), . We are vulnerable through the process of omission, omitting those we think are not a critical part of the infrastructure or the need to help in securing it. The high costs of securing our infrastructure does not include user education and general awareness as a proactive move. It is only when something happens and the issues/problems are of a great magnitude/impact that we see the levels of attention and focus being put to it, then comes the irritating comments of if we had known or if we had acted sooner.

What will it take for us to give the needed attention and focus to these issues before they become problems?
When and where will we see the integration and coordination of all levels of society getting involved in this initiative?
Who can speak on all levels for all levels?

These are different times, different types of warfare, different types of attacks with more sophistication, more widespread impact and yet, still, we’re limiting the resources needed to endorse, support and finance these educational and awareness needs. We are falling behind in the fight to keep up with the demand of technology products and solutions because the hardware vendors mission to bring us the latest and greatest products with more feature rich functions, speed, storage and settings. This is one fight that by its very simplicity, involves our youths/children and those of early learning without even going outside their boundaries. The threats are looking for us, looking for vulnerabilities in our systems, looking for our private and personal information, looking for anything it can on and about us and our businesses, where we work and how we live.

Will you leave yourself vulnerable because you didn’t take the time to learn more about them or practice safe computing?
How do we address this on a global scale where the minds and concerns of our youths are addressed in regards to technology, privacy and securing them?
Who educates the educators and provides them with the needed resources to speak to the technology advancements being seen and felt in our society today within the classrooms?

Our youths are educating the educators, the parents and the more senior members of our society. While the adults and seniors are busy living their day to day lives, the youths have all this extra time on their hands to play with that makes that the perfect educational resource for tomorrow. Educating them about the internet and how technology integrates and affects our daily lives today and tomorrow will help them to be better netizens. There are too many unknowns into what is the most sophisticated and interconnected network every built and running.

We are too controlling over our youths without the right focus on these things. It is not about taking away the access or resources of the internet, it is about educating them more on its values, proper use and how to manage their online presence and identity. Social Networks, Social Media, personal and professional messaging ethic, etiquette, general internet usage and the Threats Landscape are all critical topics that should be integrated into our school systems curriculum today to allow these kinds of thoughts from an early age and stage of development. More funding and resources should be put into programs, groups, organizations that focus on these critical resources training for tomorrow. Our lower school educational systems are lacking the integration of technology, privacy, internet usage and protection training that suits our youths today. Youths are exposed and have access to these internet resources at home without proper education and awareness as to how to use and manage them until something happens and a life is taken  or at stake and further investigation reveals that he/she had a secret life online that was very troubled and now this.

This is where our educational institutions should be filling in the gap and providing the additional focus and attention on these things. Engaging local subject matter experts, vendors, developers and other technology leaders to come in and give real world experience and open discussion is a critical need for our youths. Let us engage the youths in open dialog on and about technology, IT Security, privacy and other concerns they may have. Let us open up those channels of communications so they can be better served and ready for the superhighway ride ahead.

Let us not waste time in helping to foster the needed understanding, education and awareness needed for our youths as they have and are actively engaged in using them every day. What better way to put this knowledge craving to use than by helping them along the way.

IT Security is a people problem, not an industry one. We are all at risk.

Thank you and have a great day,
 
~Brett A. Scudder~

When an infected system gets to this level where it is sending out invites, notices, links and other kind of communications from your PC, the end user is at the mercy of their common sense in thinking of whether or not to open and use it. This presents many problems for the end user because this could come to you in the form of many things, all of which are valid resources that you may normally use.

Let’s take a quick look at a few of the top ones.

Web browsing – quick, simple and easy to infect by drive-by-downloads. One of the fastest growing trends of infection today is the use of websites for infection. A drive-by-download is when you visit a website that has been infected with malicious codes and by simply viewing it the code is downloaded onto your system and builds itself into a threat. Because of its simplicity, there have been drastic increases in the number of infections from drive-by-downloads that are even bypassing anti-virus solutions and making a successful hit on the system. Many will not even know when they are hit because the payload and production is done behind the scenes and is totally transparent to the user.

Are you running the latest version of the browser?
What kind of threats am I exposed to by using this browser?
Does it have a history of successful exploits and if so, am I vulnerable to them and how can I fix them?
When was the last time you checked if you are running the latest updates, patches and fixes for your web browser?
Is the browser configured for optimal use and security while browsing the internet?
These are basic questions you should be asking yourself.

While this is a major issue today, many people still get caught up in the discussion of browser security and what is best, better, more secure or even more vulnerable. My word to you today is, all systems, applications and browsers are vulnerable if not properly patched, secured and used efficiently. Many systems are running vulnerable applications that a hacker or malicious piece of code has many entry points to be successful in hitting a mark. Many users are running security solutions that are outdated, unpatched and expired that it is scary to think they are comfortable with these things.

Email – an infected system is used to send messages to everyone in your address book pointing them to a website they need to visit that is riddled with threats of all sorts. This is one of the easiest forms of compromise because everyone knows that you should not accept emails with attachments from anyone you don’t know much less to get it from someone you know.

So what do you do when you receive an email from someone you know, love, trust and/or do business with?

So I just guaranteed myself that you will visit the link in the email because you’re thinking that it’s legit/ok and because there are no attached files in the message what are the chances of a risk, hmm, much more than you think. Drive-by-download is the fastest and most successful form of attack because of its simplicity. Most people today are not running a security solution that provides web filtering and web browser security and so the traffic goes unchecked. So as simple as that, you visit this website and because your anti-virus solution is not able to detect and block these attacks you’ve now been owned.

IM (Instant Messaging) – a growing trend that is easily exploited and with major impacts because a worm hijack the IM application and start sending out messages as if it was the user sitting at the PC doing it. So you have 200 contacts in your IM list and they are all vulnerable due to you being infected with this worm that is spreading from your PC.

Will you know this is happening?
Maybe, or maybe not depending on how you manage and maintain your system. Maybe one of your contacts will say, hey, I got this message from you to look at some pics on a website but when I went there nothing happened, it was a blank page with an error on it.

Hey, guess what, you’ve just given your friend the threat or exposed them to it unbeknownst to them. This is such an easy method of infection that it’s unnerving.

Storage and media players – now here’s one of my favorite. The use of storage devices like USB flashes drives.
Who doesn’t have one today?

They are so prevalent because of the low cost, ease of transporting, size and high storage that you can get them any and every where you go today. It is a very nice giveaway at an event where the host wants you to have the information or handouts in a soft copy. Go to any tech store or even online today and you can get a 4GB drive for under $20 and in some cases even under $10.

Media players – through the sharing of media files such as avi, mp3s and mp4, threats are easily slipping through the anti-virus systems and successfully attaching to the systems and causing all kinds of damage. One must be very cautious when it comes to sharing files such as mp3, avi and other media containers.

Back in the day we used to think of an infection as an application that has to be run (some still do today), while that was true then for most of the threats out there, it is certainly a different ball game today. You don’t have to run anything to get an infection, simply viewing a website/page is enough to cause a world of pain. Yet, unchecked, old systems with old scanning functions are being used to ward off these new threats and type of attacks.

Back in the day we used to think of email being just text messages, today email is the primary delivery mechanism for audio, video, text and many of today’s critical threats that propagate through the wires.

We need to get rid of the old mindset of thinking and wake up to a new and more sophisticated level of warfare that we would never send our children into but has come into our homes and is right there in front of our families.
We need to rise above the decadent levels of omission where one is exempt from high level meetings, discussions and events because they do not meet certain requirements, but are adversely affected and impacted by these same issues. None should be omitted as the omitted can be your weakest link or area of vulnerability.
We need to start thinking of threats as the new form of invasion from known and trusted sources. You are just as much at risk as anyone else and the threats does not care who, what, why or where you are online, you are at war now stand up and fight by educating yourself, being aware of the threats/risk and arming yourself with the proper solutions to protect you.

These are some of the needed education and awareness that we should be exposing our children and youths to today as they are as much involved as those of us in the workforce and industry.

Thank you and have a great day,

~Brett A. Scudder~

The initiative provides special benefits, training, networking, collaboration, incentives and complimentary consulting and guidance from the professionals who are servicing, supporting, creating, developing technical and systematic products and solutions for those in need of furthering their knowledge and education of and about how the IT Security Threats Landscape affects them. These come in the form of events, hands-on workshops, online presentations, one-on-one meetings, special giveaways/promotions and our social network with it vast resources and feature rich architecture.

We are constantly engaging in new ways of making this needed training, education and awareness initiative more resourceful, effective and successful and is always here to help and listen to the needs of the people.

If you’re in need of these services or resources then engage us to fulfill them for you.

Thank you and have a great day,

~Brett A. Scudder~

Last year I started a series of online presentations that were geared towards IT Security education, training and awareness and they had their ups and downs. One thing that is sure is that the information needs to get out to the people but more importantly is to get the right info and resources out. While I invited people to the sessions they declined to attend only to come back with questions of a similar issue a week or two later. Many people today still don’t know how they are impacted by these security issues or how to address them. My online sessions provided critical information about such things in an effort to let people know that IT Security IS a people problem, NOT an industry one and so they must get educated and be aware of what the threats landscape looks like and where they fit into it.

So this year, 2010, we are taking it one step further and introduce a monthly online IT Security Panel discussion to help address some of the issues that are out there in the wild. My aim is that by doing this online we can/will attract a wider range of people in the comfort of their homes, workplaces and places of learning.

I have met and talked with a few security experts who will be joining us at different levels of the security space to help to make this valuable and resourceful. More details will be posted as the sessions are aligned with the panelists so stay tuned.

Thank you and have a great day,

~Brett A. Scudder~

On May 1^st 2009, TITSSN answered the call of providing a converged resource to address the needed online training, education, awareness and resources of the technology and security issues and challenges facing us today for tomorrow. As leaders in this field we understand the challenges being faced in dealing with the day to day management, learning and happenings of these threats and their impacts. While countries, companies and organizations are falling victims to these attacks, industries are suffering through the loss of revenue, privacy and productivity, and people are feeling and seeing the real effects of the real world we live in where the internet brings us together as a global connected network filled with valuable resources and resistance is futile, it is everywhere and is not going away.

We are still not seeing enough being done to educate people across the board and make them aware of these issues and their true impacts and so we’re taking the network to a higher level towards this initiative.

IT Security is a people problem, not an industry one and as such must be addressed effectively and accordingly.

So it is for this reason that we choose to build a social community to address these things together and to provide the training, education and awareness by the people who can speak of and about them at all levels, those who develop them, those who sell and support them, those who are out in the field fighting the good fight to prevent, mitigate and stop the growing rates of infections and compromises and those who want to learn more about being safer and secure together in one place. This is a work in progress and as we grow, so we’ll learn and so we’ll adjust to the need for changes. This is what we do on a daily basis as TITSSN continues to deliver its messages of security education, training and awareness now for a more secure future. We will be moving our operations into the social network immediately to help enhance the collaborative values, resources and functionalities.

The IT Security Suite Network’s Technology / IT Security Social Network is a place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking, training, education, awareness and collaboration for, on and about technology and securing them.

We invite you to participate in the full functions and features of our network as we build on it to enhance its values and mission for the future. We ask that you share the word with your associates, friends, peers and everyone that is interested in the world of security and being more comfortable and secure in it. This network is specifically geared towards technology, IT Security and everything in and about it.

The focus of this social network is to build greater education, awareness and provide the services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. Everyone is affected at all levels and so we must cultivate an open concerted atmosphere to address issues effectively.  We look forward to your participation in this effort as a leader, contributor, reader, advisor or just a member wanting to learn more. Please adhere to the policies and rules of the network so that all may find a common group to collaborate in.

The networks address is http://titssn.org.

Features include:

Real-time chats

Blogging

Audio/Video/Text IM

Discussion groups

Polls

Events calendar

Products/Solutions recommendations

Featured products, people, service providers

Our own publications (recommendations, best practices, guides, reports, findings and educational info)

And much more.

Discussions and groups that are up and running:

Application Security – developing secure applications and standards

Breach Notification Laws – country/state laws

Business to Business IT Security “BtBITS” – businesses protecting each other’s interests

Cloud Computing/Security – Issues, concerns, development, education and awareness

Computer Forensics – Data and Network

Cybersecurity – myths, issues, concerns, development, education and awareness

CyberWar – on, about, awareness, information, collaboration

Data Security – securing the data/information

DCITSUG – Washington DC IT Security Users Group

Emergency Security Response Program “ESRP”

Endpoint Security – What are they, why they are vulnerable and how to protect them

Hacking Unleashed – Ethical/Unethical – the world of hacking

I-CON Science and Technology Conference

Identity Theft – prevention, support and solutions

Incident Response – What happens when something goes wrong/bad?

IT/Security things/issues that make you paranoid

IT Security Best Practices – General

IT Security Facts and Myths

IT Security Leaders

IT Security Requests and Support

IT Security Service Providers ~ITSSP~

IT Security Training and Development – General

IT Security in our educational institutions – curriculum upgrade

Microsoft Small Business Server Security – Securing the server and components

Mobile Security – securing the mobile users/devices and they data they host

Managed Security Services Providers “MSSP”

NYeWin – New York Enterprise Windows Users Group

NYITSUG – New York IT Security Users Group

NYSBS – New York Small Business Server Users Group

Online Security – Securing your online experience

OWASP – Open Web Application Security Project

PAITSUG – Pennsylvania IT Security Users Group

PC Security at home

Perimeter Security – securing the perimeter

Physical Security – a critical part of your security model

Ready Rockaway – Disaster/Emergency Preparedness

Small Business IT Security – securing the small businesses

SPEAK – Security Professionals Engaged in Advanced Knowledge

Social Networkers United – the future belongs to us

Social Networking – security, trends, myths and best practices

TITSSN’s Adopt an Institution Program – ~AaIP~

TITSSN’s Code of Honor – Advocates for the future of professional Messaging

TITSSN’s Code of Honor – Advocates for the future of IT Security Education and Awareness

TITSSN’s ENGAGED ~ENabling Greater Awareness, Growth and Educational Development~

TITSSN’s General Network Members

TITSSN’s IT Security Community Outreach Program ~COP~

TITSSN’s IT Security Scholarship Program ~ITSSP~

TITSSN’s Secure Medical Protection Program ~SMPP~

TITSSN’s Secure Mobile Professionals Network ~SMPN~

TITSSN’s Secure Minds Initiative

TITSSN’s Small Medium Business IT Security Summit ~SMBITSS~

TITSSN’s Windows 7/Vista SP2/Windows Server 2008 SP2 Testing and Development Group

The Compliance Suite (Regulatory/Non Regulatory)

The Framsyn Initiative

The IT Security Threats Landscape ~TITSTL~

The Privacy Suite – it’s all about privacy

Viral Outbreaks – containment, response, prevention

Viral, Spyware, Malware Detection and Removal – the growing trends

Voices of IT Security

Wireless Security

Government Security Mandates, Protocols, Policies and Response

US – CERT – United States Computer Emergency Readiness Team

US – CIA – Central Intelligence Agency

US – DHS – Department of Homeland Security

US – FBI – Federal Bureau of Investigation

US – NSA – National Security Agency

These are just a few of the topics, issues and groups that are available as we start off on this journey together and when you join us, you too can add to what is there if there is something of interest that is missing.

We look forward to your support and we know this will be of great value for you.

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché

The IT Security Suite Network’s Technology / IT Security Social Network is a place where people come together to create a vibrant, resourceful, strategic and secure social atmosphere of networking and collaboration for and about technology and securing them.

We invite you to participate in the full functions and features of our network as we build on it to enhance its values and mission for the future. We ask that you share the word with your associates, friends, peers and everyone that is interested in the world of security and being more comfortable and secure in it. This network is specifically geared towards technology, IT Security and everything in and about it.

The focus of this social network is to build greater education, awareness and provide the services and support needed to maintain the secure presence and stability of all infrastructures (homes, businesses (all sizes and types), schools, churches, etc) for all. We look forward to your participation in this effort as a leader, contributor or just a member wanting to learn more. Please adhere to the policies and rules of the network so that all may find a common group to collaborate in.

http://titssn.org

Thank you and have a great day.

~TITSSN~

I would like to take this opportunity to share some very critical information with the self employed and home based business owners about the state of The IT Security Threats Landscape ~TITSTL~ and how it affects you. This is a discussion I have every day as more and more people in these categories are finding out the real effects and impacts of these threats are not excluding them and that they fall very much into the mix of it. As the economy tightens its grip on our lives, those who are being laid off are turning to home based and self employed business thus sparking an increased growth in this area of business. The SMB space has grown tremendously since his recession and to that end has become a serious security issue for us security professionals as we look across the IT Security Threats Landscape horizon.

Therefore, the reality of the issue must be faced thus bringing the question of, what am I to do about it.

I have published numerous articles on these threats, preventative measures and how to deal with the security issues of today and tomorrow on my blogs but I am going to do this as a summary of those here.

First let me say this, if it requires a security patch (let’s just keep it at security for now), it is vulnerable.

What does this mean?

Simple, any operating system, Microsoft, Mac, Linux, Solaris, you name it, that requires a security patch for any reason is vulnerable. The patch is to prevent exploit of the vulnerability right so it is a security risk.

I had to get that out of the way so that we wouldn’t get into the ridiculous argument of which is more secure than the other. The way I see it is simply that, if a door is left open for anyone to come through it, the length of time left open versus the threat that comes through it is just as critical. So, any open door is a threat no matter where. What comes through it may differentiate the severity. They all have their insecurities at some point but how the vendor/developer addresses it lessens the impact and wide scale visibility of the issue. While some may announce these vulnerabilities and findings, other may patch/update them behind the scenes thus limiting the visibility and knowledge of the user.

Second, anti-virus alone is NOT going to protect you from the threats of today. It takes a multi-layered approach and as such, the various layers of protection must be enforced. So telling yourself that you have anti-virus protection on your PC is being as naïve as saying the threats doesn’t affect me and i’m not worried about them. While it is true that most anti-virus vendors are bundling multiple threat protection/prevention layers into their solutions, the proper configuration becomes the caveat to that solution. While many deploy with an out of the box config, there will be tweaks needed to customize it to your environment and needs. So one must understand what is being deployed and if it will provide the layers of protection needed.

So why is IT Security so serious for me as a self employed or home based business?

Well, ask yourself these questions,

What is it that you do and how do you do it?

Do you use email?

Do you send emails to customers/clients/partners/associates/potential clients?

Do you leverage the powers of social networking/media (Twitter, LinkedIn, MySpace, Facebook, Ning and the list goes on) today?

Do you use IM for personal and/or business use?

Do you browse the internet for data/information on whatever you’re working on or researching?

Do you do online banking or shopping?

Do you download multimedia contents from the web (music, movies, flash videos, etc)?

Do you download online presentations (PDF, PowerPoint)?

Did you know that PDF files presented one of the biggest security risks over the past 2 years but is the most widely distributed online document format?

Do you have a printer or some media player connected to you system(s) at home or in the office?

Do you have any applications running on that system aside from the operating system?

Do you know of the Breach Notification Law in your state and what it means for you?

When was the last time you downloaded a keygens or crack file to open full access to that app or game you really wanted but didn’t want to buy/pay for?

Maybe you didn’t crack/keygen it but someone did and opened a backdoor which planed a rootkit or some nefarious threats on your system(s). What happens when you use that for business purposes, what are you spreading to those you collaborate with?

Well by now i’m sure you’ve caught my drift and I don’t have to get technical for you to see how you’re affected. All these questions pose security risks in various ways and are able to be stopped, prevented and protected if the proper education, awareness and measures are put in place. Don’t ask if you’re affected or if I should be taking these things seriously, you must. You are as much a risk to me as I am to you if the proper steps are not implemented to secure your system and the data/information you have sitting on it about me, you and those you collaborate with.

That system is being used for personal and business use and at some point the access to/from or by a threat is heightened because of the lack of separation of the two. A system that is used by everyone in the home should not be the same used for doing your business. When someone in the home decides to crack that app and opens that backdoor, you’ll never know what can come through it and what your risk factor will be or are. Separate the two, business is business and personal is personal. The cost of a system today is much more affordable than a few years ago so it shouldn’t be a problem to get an extra one.

You are not a small business because you have 5 people working for you. You are not a small business because you only have 5 computers in your office or where you decide to conduct your business. To me as a security professional you are not a small business (home based or in an office) when you have records/information and access to 5000 people. A doctor who has an office with 5 employees and 8 systems managing 4000 patients’ info is not a small business in my eyes. If you’re a consultant running your own business and you manage systems or information for your clients you’re now there biggest risk because it’s your responsibility to control that. Every PC must be secured whether it is connected online or not as you never know if/when it will cross the line. This is how I see security.

When you decide to start doing business today you must consider the role you play with those in which you will be doing business and the kinds of interaction you will have with them. When sending an email from an infected system (whether you did or the resident worm) it is still coming from you and the possible effect on the recipient(s) can be adverse which may lead to legal issues.

When using social network can enhance your presence and what you do significantly, it is also an area of heightened risk both personally and professionally. Know the need and use it accordingly. Social networks are the future of collaboration but one must decide why the need and create the separation. If it’s for personal use one should always remember the impact on themselves as they are now putting themselves out there to the world. If for business, one should decide on how they want to be seen and what they would like the world to know about them and what they do. Social networking is a great thing to have and use, it’s the management and control of that presence that matters. The threats people face on social networks are the same they would face outside of it but just through a different medium. Educate yourself on these things and you will be ok.

As for the Breach Notification Law, most people didn’t even know of such laws about digital contents and its security. I strongly suggest you take a look at the law of your state and understand the legal and financial issues it presents for you. Learn it, know it, and understand it. If in doubt, reach out.

The active Conficker worm should be enough of an eye opener for you and if you don’t know what it is then you may have bigger problems that I thought. Security is not just about you, it’s about your way of life today both on and offline. I am not here to scare you but it is better to know before than after as the damage control, legal and financial issues after the fact is much worse and a very daunting issue.

As for the online scams, phishing and SPAM, it is only going to get worse and until you educate and make yourself more aware of and about them, you may fall victim to them as they are craftier than ever.

Ok so I have chatted enough and now you’re saying this is too much so I will leave a few articles of reference.  Feel free to contact me if you’d like to discuss further and in more details.

The Conficker Worm – my review

A grim day for browser security at hacker contest

State Security Breach Notification Laws as of December 16, 2008 and the Conficker worm

IT Security Education and Awareness 04-09 #1 – IT Security is a people problem, not an industry one

Apple Mac users warned of web-based malware threats RSPlug-F Mac Trojan horse distributed via HDTV website

TITSSN leverages the Twitter network for critical alerting, notification and network happenings (meetings and events) as of April 1st 2009

Security/Privacy Awareness 03-09 #1 – Do you understand the breach notification law is in your country/state, do you know what it means, all are affected.

Thank you and have a great day,

~Brett A. Scudder~

The IT Security Attaché

Sunday March 22^nd at 7pm

TITSSN continues its monthly online security webcasts/presentation/forum and invites everyone to join us.

As technology continues to grow and the increase in new products and solutions become inundating, we’re seeing more avenues of risk associated with this growth across the board. On Sunday March 22^nd at 7pm we will be taking a look at five critical ways in which we sometimes overlook securing our systems and end up becoming compromised.

Whether this is a home or business system, security is not an option as you never know if or when this system may be used to cross the line. This webcast will give a detailed look at these five issues that have pervasively increased the risks of the threats landscape with little or no interaction from the end user(s). The threats are the same across the board so all are affected.

This will be a live meeting session that offers the needed interactivity (voice and video) for getting the message across effectively.

All are invited as we continue delivering our education and awareness initiatives on/about IT Security and it being a people problem, not an industry one.

—————————————————

When: Sunday, Mar 22, 2009 7:00 PM (EDT)

Duration: 1:00

TITSSN continues its monthly online security webcasts/presentation/forum and invites everyone to join us.

Brett Scudder has invited you to attend an online meeting using Microsoft Office Live Meeting.

https://www.livemeeting.com/cc/usergroups/join?id=7S86HQ&role=attend&pw=8%3Ehg%28ZR%2Fz

Meeting time: Mar 22, 2009 7:00 PM (EDT) 

Add to my Outlook Calendar:

https://www.livemeeting.com/cc/usergroups/meetingICS?id=7S86HQ&role=attend&pw=8%3Ehg%28ZR%2Fz&i=i.ics

——————————————————

Thank you very much and have a great day. We apprecilove your business and support and look forward to serving you more.

~Brett A. Scudder~

The IT Security Attaché | http://theitsecurityattache.com  | Blogs http://theitsecurityattache.com/blogs

President/CEO/Chairman/Founder/Security Architect

~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN’s Blogs http://titssn.net/blogs

Brett.Scudder@titssn.net (877) 539-8614 / (718) 928-6516

We are Security – your Security – our Security – IT Security. Our Security is Safe and Secure.

A Managed Security Services/Value Added Resellers Provider (MSS/VAR-P)

My LinkedIn profile – http://www.linkedin.com/in/titssn | TITSSN’s IT Security Forum Board http://titssn.net/forum

Follow me on Twitter http://twitter.com/TITSSN

With technology becoming a more integral part of our everyday lives and more gadgets, devices, and electronics being converged on the information superhighway (World Wide Web ), at what age do you believe we should start the education and awareness of IT/Internet Security for our youths in the school systems?

Things like,

How to browse/use the internet safely,
Instant Messaging security and best practices
Social Networking security and best practices
Mobile security and best practices.
Online predators and how they target children and how to be protected from them.
What is are viruses, worms, trojans, spyware, malware, blended threats?
What are web attacks (like drive-by-downloads) and how they are orchestrated?
What is social engineering?
What is phishing?
What is SPAM and why is it being used today?
How do these threats proliferate?
Secure messaging implementation and use.
Defense-in-depth – definition, purpose and maintenance. Anti-virus, anti-malware, firewalls and intrusion detection/prevention.

Our Secure Minds Initiative is about integrating this level of training and education in the school’s curriculum and I wanted to get your thoughts as adults, parents, educators and professionals on this matter. I have seen 10-12yrs old who can hack into a network and do some serious things that IT Pros in their adult years can’t.

Why not nurture this knowledge and ability for good?

Please make note that I didn’t ask if it should, I asked at what age should this be done signifying that I believe it should and i’m for it. Imagine having our youths graduating from high/middle schools with this advance early knowledge and what contributions they would be to the IT field. Even if they don’t become IT professionals having this education and knowledge will help any organization they join stay more secure.

Your thoughts.

Thank you and have a great day,

~Brett A. Scudder~

More answers on LinkedIn here http://www.linkedin.com/answers/using-linkedIn/ULI/394739-3071950

Good day to you,

~Brett A. Scudder~
President/Chairman/IT Security Attaché
~TITSSN~

Good day to you and welcome to my personal web infrastructure.

http://theitsecurityattache.com