As a part of our series about “5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity”, I had the pleasure of interviewing Earl Foote, a serial entrepreneur with a massive itch to see and experience the world, its cultures, people, and food. In 2019 alone, Earl did 14 business and personal trips around the world — from Vancouver BC to Costa Rica to Spain to Iceland to Dubai. As a Co-Founder of ELEVATE ITNL, a project that’s passionate about offering adventures, retreats, and humanitarian service opportunities to leaders, he shares his wanderlust for seeing the world to bless the lives of at-risk children.
Earl brings an open and abundance-minded, fun-loving nature to those around him. His life passions and pastimes include skiing, biking, camping, backpacking, and music. Although he spends much of his time in the great outdoors, he draws his greatest joy in life spending quality time with family, friends and loved ones, and playing and performing music with his band.
More than anything, Earl strives to make a positive impact in the world and the lives of those that surround him, including his team at his primary venture — Nexus IT; an IT company he founded 21 years ago to provide IT support and solutions so outstanding, they enable business leaders to focus on their business and forget about the intricacies of technology.
Although technology can be a major source of frustration for many people, Earl and his team enjoy tinkering around with the latest advancements to find new ways to improve operational efficiencies. Earl and his team’s warm, refreshing vibe tends to make clients feel more at ease when it comes to their technology.
Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?
With pleasure! I grew up the youngest son of 6 children in a blue-collar family and neighborhood. While my father reached significant success in his career, achieving the pinnacle of COO, for most of my childhood our resources were limited. We learned at a young age the value of a day’s work and dollar in your pocket. We had very little in terms of possessions, so we learned to be resourceful, crafty, and creative. I grew up spending most of my days playing outdoors, with the other kids in the neighborhood, on our dirt bikes and in the old fields around our neighborhood. It was a fantastic, wholesome, healthy childhood!
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
More than one singular story, really. The genesis comes from a string of cybersecurity events, maybe 12 or 15 years ago. We began to see many businesses in our community fall prey to hacking, viruses and other nefarious cybercrime activities. The field fascinated my team and me, and we knew we could help protect these businesses and clean up messes for those that did not take the threat seriously. So, we set out on a journey to educate our team on the topic, and develop solutions to serve our business community with cybersecurity defense and remediation services.
Can you share the most interesting story that happened to you since you began this fascinating career?
This one is a lot of fun! Given that our firm often assists businesses in recovering from hacking and ransomware incidents, I have on multiple occasions met semi-suspect individuals in dark parking lots, late at night, to procure bitcoin on the spot so we can expeditiously help our new clientele recover encrypted data. While we do not condone paying a ransom, when a business has been negligent with their data security and backup protocols, there are times when they leave no other option.
None of us are able to achieve success without some help along the way. Is there a particular person to whom you are grateful who helped get you to where you are? Can you share a story about that?
I often feel I was late to the game of understanding the value of good mentors and coaches in my career. In the early years of my entrepreneurial journey, I was so focused on growing and running my business, that I did not afford myself the luxury of time away to collaborate with mentors.
Perhaps about a decade into my career as a tech CEO, I met a now dear friend, Kent Whipple. Kent has run a successful Home Services business in our community for several years. When Kent and I met there was an immediate connection. He offered right away to coach me and help me in my journey at no cost to me (which was very helpful as I was still growing a small company). I will be forever grateful to Kent for the impact he has had on my life and the success of my business. He helped me understand and fill my knowledge, skill, and mindset gaps that were hampering the progress of the business and my fulfillment in my role as a CEO, as well as my personal life. Our trajectory since Kent took me under his gracious wing has been remarkable and I am forever in debt to him for his generosity!
Are you working on any exciting new projects now? How do you think that will help people?
Most certainly! At Nexus IT we have a few pivotal internal projects that will greatly enhance our client experience and help them streamline their business operations and the way they leverage technology to make it a tool that benefits their business in a secure manner.
I am also just starting on a separate app project outside of my primary venture that is poised to have viral adoption and help consumers at large have an improved, social fashion buying experience, without the all-too-common negative experience of sizing stereotypes that often lower a consumer’s self-esteem.
Beyond that, I am not at liberty yet to discuss these projects in greater detail, due to the IP involved.
What advice would you give to your colleagues to help them to thrive and not “burn out”?
I am a firm believer in finding flow and balance in life, to create a more fulfilling, more healthy experience and lifestyle.
While it is extremely challenging to do so as a busy entrepreneur/CEO, I do my best to respect a schedule that affords me the opportunity to pursue self-care and my passions outside of my profession. I am a practitioner of mindfulness, meditation, yoga and circuit fitness training. I am an avid traveler, outdoorsman, musician, and dedicated father and husband. All of these things help me live a well-rounded life that affords me fulfillment, balance and happiness.
Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry, as it is today, is such an exciting arena. What are the 3 things that most excite you about the Cybersecurity industry? Can you explain?
- I feel that we are at a pinnacle of Cybersecurity as we know it. Never before has there been so much awareness and interest in Cybersecurity. Likewise, there has never been so much Cybercrime in the history of the world.
- The need for solid Cybersecurity solutions and services is on the rise, exponentially. That need is being matched at a pace we have never seen before with innovation and new Cyber Professionals entering the field with tremendous zeal and passion to combat Cybercrime. The future looks very, very bright for our industry, from all angles.
- Finally, this is just something we thoroughly enjoy and are passionate about. We are essentially engaged in Cyber Warfare, and for us, it’s a ton of fun! It is fascinating, challenging, engaging and rewarding to spend our days protecting our clients from Cyber Threats and staying on the cusp of newly emerging threats every single day.
Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for?
Do you have a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?
I have plenty of stories of preventing or stopping cyber-attacks from over the years! Since we offer SOC and SIEM security monitoring services, we come across both of these scenarios quite often.
Typically, fighting off cyber-attacks involves discovering the attack’s origin by finding IP addresses and learning what region of the world it comes from. Meanwhile, we ensure that all firmware and hardware are updated while we block the breach. However, if it is a phishing or social engineering attempt, we’ll block the email or the domain address. Sometimes we have to harden the email filtering because of how sophisticated the email spoofing is.
Unfortunately, it’s not uncommon for attackers to have access to a significant amount of compromised machines or servers. When this happens, they will continue to attack from different IP addresses from different regions of the world until you block them enough that they give up. This can range from a few hours, to even a few days!
When it comes to fixing a cyber breach, the most common occurrence is businesses calling us after they have already fallen victim to a ransomware attack or other breach. Now, I’m not advocating for paying the ransom. In fact, that should be the last option considered. But businesses calling us too late happens so often that we now keep a wallet filled with bitcoin in case we have to pay a ransom on a company’s behalf. Before this, well, as I mentioned, we’ve had some pretty interesting scenarios of meeting people in dark parking lots in the middle of the night just to get some bitcoin from a local seller so we could pay a ransom and recover a company’s data as quickly as possible!
The main takeaway, I think, is that not enough businesses are taking their security as seriously as they should. You need to be prepared. If you’re not, it isn’t a matter of “if” you’ll be attacked, but “when”.
What are the main cybersecurity tools that you use on a frequent basis? For the benefit of our readers can you briefly explain what they do?
The two most important tools that we use are Security Operation Center (SOC) solutions and SIEM solutions, which stands for Security Information and Event Management. Over and over again, these have proven to be some of the most useful tools in our utility belt.
As the name suggests, our SOC is the central location in which we monitor, assess, and defend our clients’ systems. SIEM helps us do this by utilizing AI to digest logs and events on a range of systems such as firewalls, switches, routers, and servers. If the SIEM discovers any potential malicious activity, it alerts our SOC so that they can analyze the threat then take action based on that assessment.
Of course, we utilize other common resources to help prevent data breaches including end-point security tools, email filters, and even web filters. However, keeping data breaches from happening isn’t guaranteed. Once this happens, you enter forensic diagnostics mode and this requires different tools. For example, using the DOS prompt in order to pinpoint where the attack is coming from and its potential path. There are online tools that we use that help us identify the IP address’ source.
On a day to day basis, certain tools are needed more than others but these are the ones we tend to utilize the majority of the time.
How does someone who doesn’t have a large team deal with this? How would you articulate when a company can suffice with “over the counter” software, and when they need to move to a contract with a cybersecurity agency, or hire their own Chief Information Security Officer?
The first thing I would recommend for a smaller team is to take the threat seriously. Whether professionally or internally, you should be performing scheduled risk analysis and auditing your infrastructure to find and patch any vulnerabilities. After that, begin implementing software and solutions to help the team stay safe. There are tons of tools out there.
At the base level, you’re going to need end-point security, commonly known as anti-virus. Online modules such as KnowBe4, Sophos, or Breach Secure Now can be used to educate staff on proper computer hygiene and security. Use tools like email filtering, email security, and web filtering. All this combined will help prevent an employee from inadvertently clicking on an ad or web page that contains malicious code.
One of the more powerful tools you should be using is a robust firewall. I don’t mean the kind that can be purchased from a big box store, but a business-grade firewall that an IT company can sell you. If possible, get a firewall that utilizes Unified Threat Management (UTM). Though there is a yearly subscription, you’ll be able to use add-ons to improve the strength and effectiveness of the firewall. Additional benefits include Intrusion Detection Services (IDS) and Intrusion Prevention Services (IPS). You can set these up to alert your IT Team, internal or not, if either service discovers a threat of any sort. Of course, ancillary services like anti-virus, web filtering, and more can be added to the UTM on a firewall level.
Today, many regulated industries are required to subscribe to SOC and SIEM if they want to remain compliant. Unless you’re a larger enterprise, you’re more than likely going to be outsourcing your IT to a Managed Service Provider like Nexus IT. Luckily, this usually includes a virtual CISO, security management and monitoring, and maybe more. In the end, what matters is that you partner with people who want to help keep your company safe.
As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a lay person can see or look for that might indicate that something might be “amiss”?
This is a difficult question, given that a reasonably sophisticated skillset of threat hunting through event logs of firewalls, servers and other devices is usually needed to identify a silent breach.
However, end users can keep their eyes out for anomalous activity on their computers and network. If they suddenly notice massive slowdowns, decreased reliability and crashing of systems, these can be signs that something is amiss. Of course, the most common signs for end users would be pop-ups and suspicious or nefarious-looking, unexpected content or files on their computers.
After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?
Breached companies need to go offline entirely until they can completely identify compromised systems and repair or remove those from their network. This means completely shutting down their internet connections and any potentially breached servers and systems. They should then bring up compromised servers one-by-one, disconnected from their network, so the infections cannot spread any further while they mitigate and fix the problems.
They should immediately invoke their pre-formulated “Incident Response Plan”. This should include contacting their cyber attorney, cyber insurance agent, IT department and/or cyber-defense provider(s), to put together a game plan for getting operational as quickly as possible and determining next steps for notification to their entire team and any clients, employees or partners whose data may have been compromised.
Thankfully they are bringing cyber hygiene to the forefront of business leader conversations. Companies who previously did not take proper data stewardship seriously are now more aware, even if they are not directly affected by these regulations. More and more companies are performing risk assessments, formulating cyber hygiene action plans, resolving their gaps and documenting their Incident Response Plans.
What are the most common data security and cybersecurity mistakes you have seen companies make?
The biggest mistake we see small to medium businesses make is having the “somebody else” mentality. Nobody thinks they’re going to be targeted. As a result, they haven’t taken the adequate steps to protect themselves. I recommend letting an expert analyze the IT infrastructure to dig into what vulnerabilities the company has, where there are gaps, how to cover these gaps, and so on.
Taking a lackadaisical approach to their cybersecurity is definitely the most common mistake. Businesses will use consumer-grade anti-virus as opposed to business-grade, no data backups, or maintenance and verification of said backups, and not educating their team. Again, education on the topic is incredibly important.
Since the COVID19 Pandemic began and companies have become more dispersed, have you seen an uptick in cybersecurity or privacy errors? Can you explain?
Absolutely! Work from home has introduced an insane amount of new possible vulnerabilities and attack vectors. Because millions of users now often work on personal devices, from home internet connections, with the lack of corporate-grade firewalls, secure, backed-up central data repositories, endpoint security (antivirus), administrative controls, globally enforced security policies and protocols, etc., the risk to corporate data is likely higher than it has ever been. Cybercriminals know this and are exploiting every opportunity possible to compromise data and PII due to the lack of current security controls and end-user awareness of their exploits.
Ok, thank you. Here is the main question of our interview. What are the “5 Things Every Company Needs To Know To Tighten Up Its Approach to Data Privacy and Cybersecurity” and why? (Please share a story or example for each.)
- Businesses need to know that the most exploited vulnerability that cybercriminals leverage is their human capital. Unwitting human action is now involved in as much as 90% of all breaches and infections. Our team is called in multiple times per month to remediate and repair the damage done by hackers who have tricked an unsuspecting user into interacting with or clicking on an attachment, link or other malicious email and web content.
- I would guess that in greater than 60% of these scenarios, when we are engaged to help businesses recover from hacks, breaches and infections, the business either had no backups or their backups had not worked in months or years. Too many businesses often neglect the simple failsafe of effective, redundant data backups. This is precisely the case with the recent ransomware infection and breach of Jack Daniels. This massive whiskey dynasty had over 1TB of data stolen, for which they had no backups. It is hard to believe that in today’s world, large enterprises like this can be so careless. SMBs are also no exception and should be even more cautious, given they are not generally poised to weather a massive loss of data or breach of this nature.
- Enable and use Multi-Factor Authentication (MFA) on any and all platforms that support it such as Gmail, Microsoft Office 365, bank accounts, and VPN software. For those who don’t know, MFA is when an individual must use two verification methods to gain access which includes a text sent to your phone, or a recovery email, or something else. Though they aren’t 100% foolproof, they greatly improve security posture and cyber hygiene. However, it is important to educate yourself and your employees on any potential dangers. Scammers are now attempting to overcome the MFA obstacle by tricking victims into providing the verification codes. For example, a friend of mine recently put an item for sale on a local classified site. A hacker ended up replying to their posting and sent a link in order to provide a code sent to their phone in order to “legitimize” the sale. However, the code sent to my friend’s phone was actually an MFA code to their Gmail account. The buyer had somehow procured her login credentials and was attempting to bypass the MFA. Fortunately, my friend was able to recognize that something was askew and ended the conversation before any damage was done.
- With so many people working from home due to COVID, I highly recommend that businesses ensure that any work-related data is only accessible through a virtual private network (VPN). The VPN will encrypt the data, making it that much harder for any cyber criminals to get a hold of it. In fact, I recommend that this is enforced across the board. If possible, keep any business data such as files or documents from being downloaded onto personal devices. This may mean that a Cloud Virtual Desktop, more commonly referred to as a VDI, is implemented.
- My final advice is that businesses engage with a Managed Service Provider (MSP). If possible, not just an IT Service Provider, but one that also focuses on cybersecurity. The reality is that most companies, even those with internal IT teams, do not have the resources, time, or expertise to deploy, monitor, and maintain their security solutions. An MSP, on the other hand, has developed their business model around this. They are able to remove this burden from the business, so that the business is able to focus on its vision without worrying about being attacked. At Nexus, we engage with several organizations who have either never taken threats seriously or have attempted to handle the security on their own and, as a result, were not able to adequately do so.
You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. 🙂 (Think, simple, fast, effective and something everyone can do!)
Ideals that align with kindness, compassion, abundance mindsets and “paying it forward” resonate greatly with me. I would love to see more people, throughout the world, practice principles of peace and kindness. I feel we can solve so many problems in the world, by simply treating those around us with the dignity that all human beings deserve.
How can our readers further follow your work online?
Connect with me and my Cyber Firm, Nexus IT, on LinkedIn and our blog at the links below:
This was very inspiring and informative. Thank you so much for the time you spent with this interview!