Be Cyber Smart

Be Cyber Smart: 10 Tips to Upgrade your Personal Security

The internet has become riddled with malicious links and viruses. Data breaches are more frequent, and users are more vulnerable than ever before. When one click can cost thousands or even millions of dollars, users need actionable to-do’s to help them stay safe online and be cyber smart.

We developed ten security tips from our experience within the security industry for businesses and individuals. With these personal cyber security tips, you can become more cyber smart.

1.      Safeguard your personal information; don’t share personal info.

When malicious hackers can’t find a security vulnerability, they’ll attack in other ways, so beware of Social Engineering. This type of attack is more on the user’s mind than on the device to gain access to systems and information. Cybercriminals develop creative ways to dupe users, especially with publicly available information online and over social media.

2.      Think before you click; double-check and verify links.

Clicking Without Thinking Is Reckless. Malicious links can damage several different ways, so be sure links are from trusted senders before clicking. If you can click doesn’t mean you have to; it can cost you a hefty sum.

3.      Be careful with public WiFi; use secure public internet.

Connect Securely. You might want to connect your device to an unsecured public connection, but it’s not worth it when you weigh the potential consequences. Only connect to private networks, especially when handling sensitive information.

4.      Make sure your connections are secure; use a VPN.

If you are in an emergency and need to use public WiFi, please use a Virtual Private Network (VPN). When you use VPN software, the traffic between your device and the VPN server is encrypted, and it’s much more difficult for a cybercriminal to obtain access to your data on your device.

5.      Ensure your connections are secure; only use sites that start with HTTP:// and have valid certificates.

When you visit a website, it will use either the Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS). Please make sure the latter option is enabled as it uses a layer of encryption.

Remember that while HTTPS is best used by default in general browsing for online purchases, this protocol is crucial to protect your payment. To reduce your risk of theft as much as possible, you shouldn’t give any critical information to websites without HTTPS enabled.


Look in the address bar for “HTTPS://,” to find out if it is enabled. Many browsers also show a closed padlock.

6.      Verify your connections; be careful who you chat with.

If you get an email from your “boss,” verify the email address he usually uses for your communications. If a friend changed their social account, find out if it is legit before starting the conversation. It’s more important than ever to know that the persons you’re virtually talking to are really who they say they are.
 

7.      Safeguard your connections; turn off your Bluetooth when not in use.

Devices can be hacked via Bluetooth, and as a consequence, your private information can be stolen. Disable Bluetooth when you don’t need it. If there is no reason to have your Bluetooth on, turn it off!

8.      Safeguard your personal devices; use antivirus software.

As long as you are connected to the web, it’s impossible to have total protection from malware. Still, you can significantly reduce your risk by ensuring you have an antivirus and at least one anti-malware installed on your computers.

9.      Be security aware; use secure passwords.

Don’t be lazy with your passwords! Put more effort into creating your passwords. You can use a tool like how secure is my password to find out how strong your passwords are.

10. Safeguard your data; maintain secure data backups.

Back up important data. Critical data can be lost in case of a security breach. To be prepared and restore your data, you should ensure your information is backed up frequently on a local storage device or the cloud.

Remember: It can happen to you

Cybercriminals do not discriminate in targeting all sorts of users. The most damaging thought you can have is “it won’t happen to me,” or “I only visit safe websites.” That kind of mistake couldn’t be undone with “ctrl + Z.”

Simple cyber security tips like these can fully help you prevent a catastrophe, but they’ve only scratched the surface of how you can be educated and protected. It’s part of CyberWarrior’s mission to educate more people so you and we all can be cyber smart.

If you want to learn more about this interesting topic, contact us.

Be Cyber Smart

Cybersecurity Awareness Month: Be Cyber Smart

Technology is snowballing, attacks are innovating, and users’ vulnerability is increasing. Even though security is also growing and being developed by cybersecurity analysts, the job is not done. It is important to understand that security doesn’t start or end with the professionals fighting for good; it also counts on the people who use the technology every day, like all of us.

Now, what can you do to prevent these massive attacks that are ruining people’s lives and big companies around the whole world? Simple, make the decision – play smart! Now, you’ll probably want to know how to do that? Right?

Every October, cybersecurity awareness month serves as a timely reminder for companies and individuals to check their cybersecurity practices after a tumultuous year of cyberattacks across industries.

In 2021, the Cybersecurity & Infrastructure Security Agency (CISA) will continue using the overarching theme:

Do Your Part. #BeCyberSmart.


Each week of this fantastic month will be based on a different topic. This article will guide you through it and help you be Cyber Smart at the same time. Let’s go!

Week 1. Cybersecurity First.

To protect your data, such as passwords, files, or information, cybersecurity needs to be the first thing in your life.

The best way to protect yourself first is to do the basics without using any tools, like making strong passwords, having different passwords for different platforms, or avoiding putting your personal information on untrusted links. These actions may seem so basic they don’t help – but they do. They are really helpful as they make it a lot more difficult for attackers.

Week 2. Phight the Fish.

You might have heard the word phishing, but what’s that exactly? Around the world, some people fish daily, and it is curious to see the fish just getting trapped repeatedly and how the fishermen use and improve their techniques to get their prey.

“I don’t know why the fish keeps being caught like that,” you may think, but millions of users fall into the trap every day with just a click. It’s incredible how much information you can give through a link. That’s why you must be aware of the causes and consequences of phishing – because it’s your job to fight it.

Do not open every link you see. Even if you like cats a lot, you don’t need to open every file about cats you see. Hackers know that you might love cats (or dogs), and because they do, they’re going to use that to your disadvantage, so your job to protect yourself starts today: fight phishing!

Week 3. Explore. Experience. Share.

Right now, you may be in the step of your life in which you are discovering new things, such as visiting new places and moving forward, so… have you ever wonder what a day in the life of a cyber professional is like?

Cybersecurity professionals, or infosec analysts, have a wide range of responsibilities, but the goal of their job is to protect data online from being compromised. As more of our personal information is stored online, it becomes more important to step up security.

Explore new ways to protect yourself, experience putting them into practice, and you could also consider a career in cybersecurity. There are 500.000 open cybersecurity jobs across the United States, a field with a 0% unemployment rate since 2010 and an average starting salary for entry-level employees of $82,500.

We can not only raise awareness about cybersecurity but also work to make our communities safer.

Week 4. Be Cyber Smart.

What does it mean to be cyber smart? We just talked about it – make it harder for those who want your data. Increase those basic security measures that are so crucial for you. As we said, users don’t usually pay attention to having a strong password or checking before clicking because they see them as “basic” and don’t think how these measures could protect them. That’s precisely why the attackers can and will take advantage of the situation.

Raising cybersecurity awareness is more crucial than ever. You can’t leave everything to the cybersecurity professionals and assume your personal information “doesn’t matter to strangers.” This is your time to make a choice.

So, what are you waiting for? Do your part “#BeCyberSmart.”

If you want to learn more about this interesting topic, contact us.

Cybersecurity Awareness 

5 Ways to Raise Cybersecurity Awareness in your Business

Many years ago, you first knew the internet – this innovative technology made to make it better and easier for everyone publicly and privately. However, in recent years, due to the cyberattacks and vulnerabilities, people began to raise awareness about security around the world, mainly in organizations and businesses. If you look at the employment rate of cybersecurity positions, you’ll notice how much that’s been incrementing for the past 20 years, so cybersecurity awareness is necessary more than ever.

However, as businesses increment their security measures, you might wonder how to keep your organization secure. In this article, you’ll learn some tips to improve cybersecurity awareness in your organization.

1. Let cybersecurity be the #1 priority

The success of any cyber security awareness program depends on its implementation. The best thing you can do is take the time to identify and prioritize any weak areas — teams or departments which may benefit immediately from cybersecurity awareness training. Develop a comprehensive plan dividend in the long run.

2. Know your Organizational Tolerances

If you want to have a successful awareness program, your organization needs to evaluate the threat landscape and identify your top risks. That way, you’ll have a better understanding of the world’s threats that could compromise your security itself or even the organization. Your risk tolerance needs to be defined from the beginning; that way, you can implement the correct solutions to every risk coming and implement many security parameters even to prevent those risks.

3. Set specific rules for emails, browsing, and mobile devices

You must set rules for browsing, emails, and mobile usage. Now, why is that? Because these are the three top areas in which your information and security can be compromised. Setting rules to these will make your work more secure, and I promise you that your information will be in good hands.

4. Make Cybersecurity Awareness Training Mandatory For All

Implement Cybersecurity with the same courage and seriousness that you take into account other risks. Make cybersecurity training mandatory for everyone, whether through an external course or internal training. Regardless of the employee’s position in the company, everyone must be aware of the common threats.

5. Implement Cybersecurity Awareness right from the first day

It is always great to start on the right foot. If we want to have everything protected, why not start the right way? To do that, inform employees about their cyber-responsibilities. Adapting Cybersecurity as part of your onboarding processes and policies is an excellent method to educate users. So, this step is key.

There’s a high number of users being affected by attacks online. Organizations, enterprises, employees, data, everything is exposed to cyber threats and technology risks. Having a good cybersecurity system will help you protect your systems against various threats such as ransomware, malware, among others. Thus, your data and networks will be safe, avoiding the entry of unauthorized users who may have bad intentions.

If you want to learn more about this exciting topic, contact us.

Cyber Threat Intelligence: Lifecycle

Regular monitoring and reporting of emerging threats and vulnerabilities can alert you to take action and prevent an attack. Understanding the cyber threat intelligence lifecycle is key to successfully implementing a threat intelligence strategy, using information about what adversaries are doing, incorporating protective measures in your defense scheme, and reducing your organization’s attack surface. Incorporating cyber threat intelligence in your business strategy helps you to fight against cybercrime.

If you are looking forward to implementing this model in your organization, this article will explain the steps you can follow.

Note: If you are reading about cyber threat intelligence for the first time, I recommend that you stop for a moment and read this article with some key concepts.

Step 1 – Direction

In this first step of the cyber threat intelligence lifecycle, it is very important to define what will be the strategy to collect the information, the type of information and content, define and classify the availability and reliability of sources and communication flows, and formulate intelligence team roles and responsibilities.

Step 2 – Collection

In this step, we need to focus more on collecting the desired intelligence defined in phase one. The data can be collected in different ways through either technical or human means and directly or secretly based on the confidentiality of the information. Intelligence is collected through sources like human intelligence (HUMINT), imagery intelligence (IMINT), measurement and signature intelligence (MASINT), signal intelligence (SIGNT), open-source intelligence (OSINT), and loCs, and other third parties. Investing time in this step will increase your probability of having a successful cyber threat intelligence lifecycle implementation. 

Step 3 – Processing

Processing is the transformation of collected information into a format usable by the organization. Almost all raw data collected needs to be processed to deliver to the stakeholder’s actionable data.

Step 4 – Analysis

Here, the obtained data is analyzed and the unusable one eliminated. The data is converted into information by applying various data analysis techniques such as qualitative and quantitative analyses, machine-based techniques, and statistical methods.

Step 5 – Feedback

The feedback is an assessment that describes whether the goal of converting threat intelligence information into action is achieved. That way, the organization would have reduced the attack surface and risk exposure. In this stage, the analysis allows the organization to define another router if the goal is not achieved.

Step 6 – Dissemination

This is the last phase of this cycle. Its objective is to supply intelligence to whoever must execute the appropriate actions with sufficient diligence to avoid decision-making delay.

In summary, in this article, we expose you to the six steps that make up the life cycle of cyber threat intelligence. In the following piece of this series, we will talk about Cyber Threat Intelligence Sources – Talk to you soon!

cybersecurity market

Cybersecurity Market Watch

Cyber Security Market approach Analysis, Growth, Key Players, Shares, Drivers, Challenges with Forecast to 2026

A recent report published by Market Insight Reports states that the cybersecurity market is expected to grow substantially in the coming years due to the increasing digitalization and growing frequency of cyberattacks. Attacks that are basically focused at either destroying, accessing & stealing, and changing sensitive information, or interrupting the normal business processes, or generating money by fraud means from users.

The report presents an analysis of how the cybersecurity market is segmented in terms of products, organization type, industry, and regional landscape.

As for the industry, it states that the cybersecurity market is segmented into securities, manufacturing, banking, IT & telecom, government, and transportation.

  • The government sector held over 20% market share in 2019 due to increasing financial frauds on government digital assets.
  • The transportation industry is likely to witness a CAGR of around 12% through 2026 due to growing demand of IT security in connected vehicles.
  • The insurance sector will foresee a CAGR of nearly 15% through 2026 due to increasing cases of online identity theft and financial scams during insurance claims.
  • The securities segment will observe a CAGR of 14% through 2026 as the demand for malware attack protection is surging.

Click here to read the complete report.

Cybersecurity Podcasts

Top 5 Cybersecurity Podcasts You Should Start Listening To

Podcasts are here to stay. They are an alternative to visual entertainment and accessible on the go. You can listen to them from your smartphone, tablet, or computer while doing almost anything.

Podcasts are free entertainment loaded with tons of information. It all depends on what you want to listen to, the subjects you are interested in, and being able to find those podcasters that do a great job telling a story or talking to a guest in a way that catches your attention and makes you want to go from one episode to the next one.

There are tons of cybersecurity experts that have created their podcasts as a way of nurturing the audience interested in the field, sharing what they have learned through their many years of experience, and discussing everything that is happening in the industry.

In this blog post, we want to share with you our top favorite cybersecurity podcasts. We believe they are a great option, especially for those who are considering making a career change into the field.

1- The Unsupervised Learning Podcast, by Daniel Miessler

Every Monday, Daniel Miessler, a highly recognized infosec expert, shares an overview of the most current cybersecurity events. If something hits the news, Daniel will talk about it, and if it is something very important he will dedicate an entire episode to discuss and explain what and why something happened.

Listen on: Apple Podcasts and Spotify Podcasts

New episode: Every Monday

Website: https://danielmiessler.com/podcast/

2- Darknet Diaries, by Jack Rhysider

The cybersecurity expert, Jack Rhysider, educates and entertains his listeners about the cyber-threats in the world. This podcast is all about hackers, breaches, and cybercrime happening right in front of us without us even noticing them. 

Listen on: Apple Podcasts, Spotify Podcasts, Google Podcasts, RSS

New episode: Bi-weekly

Website: https://darknetdiaries.com/

3- The CyberWire Daily Podcast, by David Bittner

This podcast is a bit different from the rest, as it is run by a news service instead of a cybersecurity expert. On a daily basis, they discuss the latest events and news of the cybersecurity industry, so listeners can have a better understanding of cyberspace.

Listen on: Apple Podcasts, Spotify Podcasts, Google Podcasts, Pandora, RSS

New episode: Every weekday

Website: https://thecyberwire.com/podcasts/daily-podcast

4- Smashing Security, by Graham Cluely and Carole Theriault

A fun and informative podcast that guides you through cybersecurity news as well as the theory that supports this field. Graham and Carole have managed to make this as lighthearted as possible while still being able to address cybercrime. They usually go over different real-life situations in which organizations used scams to trick their customers to do something.

Listen on: Apple Podcasts, Spotify Podcasts, Google Podcasts, Overcast

New episode: Every week

Website: https://www.smashingsecurity.com/

5- Security Now! By Leo Laporte and Steve Gibson

Security Now! Is one of the longest-running cybersecurity podcasts, and it’s the perfect place to listen to relevant cybersecurity topics. On a weekly basis, Leo and Steve deep dive into a 2-hour conversation where they review important issues, like personal computer security, as well as long-standing problems, concerns and solutions.

Listen on: iTunes, RSS, Podnova

New episode: Every week

Website: https://www.grc.com/securitynow.htm

At CyberWarrior Academy we want to encourage you to start listening to these podcasts on a weekly basis. You can do it while exercising, walking the dog, or driving to work. Consider this as a good step towards your cybersecurity training.

Cybersecurity Audits

Why Cybersecurity Audits are Important

With the growing number of cyberthreats, it is becoming increasingly important for every organization’s audit plan to include cybersecurity. As a result, auditors are increasingly asked to examine cybersecurity procedures, policies, and tools to ensure adequate security controls are in place. Cybersecurity flaws can put the entire organization at risk, so these audits are more important than ever.

Organizations should perform frequent cybersecurity audits to determine how effective their security is and guarantee compliance with IT security guidelines and regulations. These audits are distinct from risk assessments, which look into an organization’s IT security safeguards and its ability to address issues. Instead, cybersecurity audits function as a checklist that enterprises may use to assess their security policies and procedures.

Cybersecurity audits enable companies to take a proactive approach when creating cybersecurity policies, resulting in more dynamic threat management.

Third-party suppliers do cybersecurity audits to eliminate any potential conflicts of interest. An in-house team can also administer them if they act independently of their parent organization.

The cybersecurity audit universe includes all control sets, management practices, and governance, risk, and compliance (GRC) rules in force at the enterprise level. An extended audit universe may even include third parties bound by a contract incorporating audit rights in some cases.”

Best Practices for a Cybersecurity Audit

Before beginning an audit, cybersecurity auditors should establish the audit subject and purpose according to the organization’s boundaries and constraints, including whether personal devices and external apps should be evaluated. Another factor that may limit the scope of the audit is whether the audit will focus on internal or external IT infrastructure.

In most cases, IT use extends beyond the internal organizational network, such as traveling, home-use settings, or cloud adoption. While this may increase cybersecurity risk, it is now standard practice in most businesses, especially given the large number of federal employees who continue to work from home.

It is a good practice to adopt a risk-based view and establish the objectives accordingly. Audit objectives should be limited to a reasonable scope and match the organization’s cybersecurity and protection goals. Also, look over the organization’s data security policies. Make sure you check the policy about data confidentiality, integrity, and availability before the audit begins.

Auditors can classify data and decide how many degrees are required to secure it, so it’s recommended to compile all cybersecurity and compliance policies into a single document, allowing auditors to better grasp the organization’s procedures.

As a result, the auditor will have an easier time identifying deficiencies. Network access control, disaster recovery and business continuity, remote work, and permissible use are some of the policies we suggest implementing.

Organizations should also disclose their network structure. One of the objectives of cybersecurity audits is to identify potential security gaps on company networks. Providing your auditor with a network diagram allows them to understand your IT infrastructure thoroughly, which speeds up the evaluation process, according to the firm. To make a network diagram, put out your network assets and explain how they interact. Auditors can more quickly spot potential flaws and edges with a top-down view of your network.

Before the audit begins, some of the organization’s IT and cybersecurity officials should review key compliance standards and criteria. Then, communicate them to the audit team to tailor the audit to the organization’s needs.

Finally, SecurityScorecard suggests that organizations compile a list of security employees and their tasks. Employee interviews are a crucial component of any cybersecurity audit. To acquire a better understanding of an organization’s security architecture, auditors frequently interview various security personnel.

How Often Should Organizations Audit Their Cybersecurity?

A cybersecurity audit is supposed to serve as a ‘checklist’ that validates the rules a cybersecurity team said are actually in place and that there are control mechanisms to enforce them.

Furthermore, a cyber security audit provides a snapshot of your network’s health. While an audit can give you a detailed look at your cyber-health at a single point in time, it can’t give you an insight into your ongoing cyber management.

Cybersecurity audits should be performed at least once a year.

Other experts advocate for auditing more frequently, although a number of factors influence how often an agency should audit its cybersecurity, including budget, current system or software upgrades, and compliance criteria.

professional development

How to Set Your Professional Development Goals

What is the first thing you do when you are going to jump into a new project? The short answer is that you set out different goals and the path and actions needed to get there. Professional development is not the exception.

In order to advance in your career and reach the level of expertise and role you are expecting to have, you need to set your own goals. These professional goals usually go around improving your skills, your career, your competencies, and capabilities in the workplace.

A key aspect here is that they are exclusively yours. You can’t copy or replicate your coworkers or leader goals. You need to identify those areas you need to work on, those skills, degrees, or certifications you want/need to earn, so you can get more experience in a certain area, move up in your workplace, and advance in your career.

Having your professional development goals with milestones and timeframes is the best way to fully understand how you are progressing towards them. They will also help you identify your long-term aspirations, make a great impression on your employer (they highly value workers who go the extra mile, and are dedicated to their job and career), and they will boost your motivation and productivity.

That said, here are the different steps you need to take to set your professional development goals:

1- Define Your End Goal

To set your professional development goals, the first thing that you need to do is answer a few questions that will help you understand how you envision your future.

  • Where do you want to be in 5, 10, 20 years from now?
  • What title do you want to have?
  • What type of organization do you want to work for? Private or public? Large corporation or small business?
  • In what industry do you want to work in?
  • What accomplishments do you want to achieve?

Once you have answered these questions, you can even add some more, try working things backward. Think of the skills, experience, and knowledge you will need to get there.

2- Take A Look To Your Last Performance Evaluation

Checking your last performance evaluation is a great starting point to identify those areas where you need to start working. If you don’t get regular evaluations in your workplace, then try asking your boss or someone in a higher-level role who you interact with on a regular basis,  what is the one thing you could improve that would help you the most. 

3- Set SMART Goals

Stick to the SMART methodology for setting goals. They should be Specific, Measurable, Achievable, Relevant, and Time-bound. This will help you set goals that not only are clear and realistic, but that also have a deadline to be accomplished by, so they are not left behind in your weekly/monthly to-do list.

4- Break Your Goals Into Smaller Tasks

Each goal should be accompanied by a strategy to achieve it and a set of milestones that will help you understand how you are progressing. For example, if your goal is to become a Cybersecurity Analyst, then your milestones would be to study the different certifications needed to get hired in the field, work on getting hands-on experience, and study everything needed beyond the certifications’ content.

5- Set Time In Your Agenda For Your Goals

We know that your schedule might be coped with tasks and meetings from your current job, but if you want to make progress and improve your profile, you need to set time on a weekly, or even daily basis, to complete all the tasks and goals you have set out for yourself.

Don’t kid yourself about getting everything done in just a few weeks, give yourself enough time so you can avoid feeling burnout, but not that long so it’s something that you will forget.

6- Check Your Progress

The last step in this process is setting the time on a monthly basis to track your progress. What have you been able to complete? What have you left behind? When will you complete it? How do you feel?     

Now it’s time for you to start working on your goals and begin the road to improving your skills, both in a personal and professional way. Make sure to write everything down, make them visible, make them nice. You want to feel inspired, not scared away.

Cyber Threat Intelligence

Cyber Threat Intelligence: 6 Key Concepts to Understand it

Over the past decade, we have seen a significant increase in cyberattacks. Criminals use an ever-growing set of techniques, tactics, and tools to compromise their victims’ systems. To address this problem, every defender must know about Cyber Threat Intelligence (CTI).

In this series of articles, our goal is to share the foundations of Cyber Threat Intelligence effective management and then guide you to convert threat information into threat intelligence – actionable information to improve your organization’s security posture significantly.

Understanding the adversaries’ motivation, tactics, and techniques have become a fundamental strategy of many organizations, especially for the teams entrusted with their defense, better known as blue teams. So, in this first article, we will talk about fundamental concepts. We will define a threat, threat actors, threat information, deep dive into intelligence, and clarify the difference between threat intelligence and cyber threat intelligence.

Threats

In terms of information security, a threat is a possible adverse action or event facilitated due to a vulnerability that can rise to an unwanted impact on a computer system or application.

A threat can be an “intentional” adverse event (for example, hacking: an individual cracker or a criminal organization) or an “accidental” adverse event (for example, the possibility of a computer malfunction.

Threat actor

An individual or group can take the action of the threat, such as exploiting a vulnerability to make a negative impact. Examples of actors are cyberterrorists, government/state-sponsored actors, organized crime/cybercrime, hacktivists, script kiddies, or “insiders.” In one of our following articles, we will define each actor, their motivations.

Information threats

Threat information from external sources, AKA “Threat Feeds,” often consist of curated lists of URLs, IP addresses, and domains known to be suspicious. These lists typically have known compromised hosts/applications or used by the actors of the threat. They have almost no derived context. To go deeper into this topic, we recommend reading about the pyramid of pain by David Bianco. In one of our following articles, we will detail the sources to learn more about this topic.

Intelligence

When we speak of intelligence, we generally refer to information enriched with data from other sources which is actionable and a cybersecurity professional can analyze. Our future articles will detail the following types of intelligence: HUMINT, SIGINT, FININT, GEOINT, CYBINT, and OSINT.

Threat intelligence vs Cyber Threat Intelligence

Threat intelligence analyzes adversaries, their motivations, tactics, and techniques, and how they carry out crimes that could be replicated in your organization. This intelligence becomes valuable when it can inform and assist defenders in taking actions to defend against these threats.

Cyber Threat intelligence is the analysis of how adversaries or cybercriminals use their strategies to perpetrate their attacks on vulnerable information assets. Like threat intelligence, whose value is to convert information about threats into actions to strengthen the security posture, CTI includes a set of atomic compromise indicators and learns from external and internal information sources and strategies to on implementing effective controls.

Organizations increasingly recognize the value of threat intelligence. However, there is a difference between acknowledging the value and receiving the value. Today, most organizations focus their efforts on the most basic use cases, such as integrating threat data with the existing network at the firewall level without taking full advantage of the insights that intelligence can provide.

This first article covered the fundamentals to start our journey on this exciting and fascinating topic. In the next installment, we will talk about the benefits that a company obtains when it adopts a threat intelligence process, suggestions about where the function of threat intelligence should sit within organizations, and the type of companies that are rapidly moving to this model, which is gaining greater relevance as cyber-attacks grow in sophistication.

Online interview

Acing an Online Interview

Think about all the things you did one year ago in person: grocery shopping, studying, working, and even going to yoga class! While some of them are back to normal, some are still done remotely. Our life has changed enormously! 

Online interviews are no exception. In fact, even before COVID took place, many organizations had decided to start having online meetings with their job applicants. Not only is it easier for both parties involved to just click on a link and join a meeting rather than driving there and open enough time in their agendas; but it is time-saving, and opens the doors to more candidates as it gives the opportunity to anyone, around the world, to apply for that job.  

Although the essence of an online interview is basically the same as one hosted in-person, there are some details that you need to look out for if you want to make a great impression. But do not worry, we are here to help you. In this blog post, we give you 8 tips that will help you ace this first meeting and get the job.  

8 Tips For An Online Interview 

1- Interview Rules Still Apply 

Just because you are home, does not mean you can be in your sweat pants and laying on the couch. If you want to make a great first, second, or third impression you have to dress accordingly. Don’t forget to even wear shoes, this will help your mind understand that you are in “work mode”.  

2- Do a Test-Run 

The first thing you need to figure out is what system will be used to connect you to the online interview (Zoom, Skype, Microsoft Teams, Google Meet, or even a WhatsApp video call), make sure you have downloaded it to your computer, and that it is working correctly. Also, check that your microphone and speakers are set and running, and a few minutes before the meeting starts, make sure your internet connection is working fine (try having a backup option).  

3- Do Not Let Distractions In 

Try having this meeting from a place where you would not get interrupted by outside noise, the sound of a TV, or your cell phone. You need to be fully concentrated so you can answer all the questions you are getting in the best way possible.  

Let your family or roommates know what you will be doing so they don’t open the door and make noise. Some recruiters understand that your kids can be at home making noise, but it is best for you to try to be in a place that is as quiet as possible.  

4- Work on Your Background 

Remember this is a work interview, you do not want a messy house or an unmade bed to keep you from getting that job. Try placing your computer or mobile device somewhere you can sit and have a neutral background, it can be a white or colored wall, a desk, or even a bookshelf. Just do not let it be a source of distraction.  

5- Prepare Your Answers 

Just as you would do for an in-person interview, take some time to prepare answers for the commonly asked questions. Think of examples of how you have used some of the frequent traits, skills, or even technology concepts in the past.  

Try writing down some easy-to-read/remember notes that can help you while talking to the person that is hosting the interview. And while you are at it, try to think and write some questions you want to ask about the organization, the role, and the industry.  

6- Get The Perfect Lighting 

If possible, stick to a place that has a great source of natural light, and if you can sit in front of it, even better. This will help you show the most natural colors, and highlight your eyes and facial features. If you do not have access to a place like this, then try to avoid being in the dark by placing a source of light on each one of your sides.  

7- It Is Important That The Interviewer Can See You 

When joining a video call we tend to fix the computer in a way that you can see everyone on the screen (and we even spend more time looking at ourselves than others), but during an online interview, this cannot happen. You need to prioritize the camera, remember he/she is evaluating the way you talk, your expressions, and even your background. So try to position your computer, and the place where you will be sitting, in a way that you are comfortable and they can get a perfect display.  

8- Check the Time Zone 

While it may seem obvious, one of the most common misunderstandings when joining an online meeting is the time. Confirm the time with the person you are meeting and make sure to check, and double-check, the equivalent for your location. You want to avoid the need to reschedule for something that could have been prevented.  

As a bonus, we want to remind you to speak naturally, to see the other person in the eyes, to watch for the gestures, and to talk slowly in a way that they can understand you.  

We hope these tips can help you ace that interview.