(Video) The hidden costs of doing the ICT yourself.

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses – The hidden cost of doing ICT yourself

[start of transcript]

Hello. My name is Roger.

And today, I’d like to talk to you about the hidden costs of small business doing their own ICT.

In a small business, we have direct costs, how much we buy something for, how much we sell it for. And we have indirect costs. And the indirect costs usually are the costs that we have no control of. And what happens when people start doing their own technical support is your indirect costs go up.

Now, most people are in business to make money and they are in business to do core business, whether that’s for selling widgets or consulting or any of those things. You’re not there, and your people are not there, to work on the information technology, information technology stuff that is making your business work.

And what happens with doing the ICT yourself is it really does take your focus off core business. It’s a lot easier to say to someone, “Come in and fix this and then go away,” than Joe Bob, who’s is the receptionist, or the senior salesperson or the marketing manager, look at the printer problem and say, “Well I just spent nine hours trying to get the printer to work. Now, I’ve got to call someone in.”

So, doing your own ICT is not cost-effective. And there really is no convenience in doing it. Because, as I’ve said, ICT is what makes your business run. But you don’t need to understand that 90 percent of making that system run, you need to understand the 10 percent that you used to make it all work for your business and do core business.

So thank you very much.

[End of transcript]

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world.

(Video) How the cybercriminals get you to cooperate

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses – Clever ways cybercriminals get you to let them in

[start of transcript]

Hello. My name is Roger.

And today, I’d like to talk to you about the clever ways cybercriminals get you to let them in.

So, there are a number of tactics and strategies that the cybercriminals use, both physical and electrical, that allows you to let them in so that they can do their nefarious deeds.

One of the ones that we’ve seen is they used fake access points. And there’s a thing called water-holing where all people congregate within a business. And usually where they’re congregating is actually where you are fixing and attaching to a Wi-Fi point. And if you make an access point the same username and you don’t give it a password, then, all of that information that you’re connecting to is being recorded.

But there are other things they do. One of the things that the bad guys do is they change file names so you might get an attachment that say “readthis.txt,” but you, and because Windows and Apple only read the .txt part, they don’t know that it says “.txt.exe.”

And most anti-viruses won’t allow that to happen. But there are some that regularly will bypass. There are other things that they do. Location of files, they use the actual operating system and the way it searches for information to serve out, so they might have a “notebook.xe” and “notebook.exe,” which is the real one. This one is found before this one, this actives malware and viruses.

Or, we use hosts and DNS redirects. And all those redirects take us to totally different sites. And there’s a number of sites, for instance, if you go to anz.com.au, you go to Australia National Bank. But, if you go to anz, then you go to a fake bank. And that’s how they catch you, just by substituting that one letter.

But one of the other things they do is they use a bait and switch. They get you to download legitimate software, especially if you’re downloading legitimate software from a pirate site. Because if you are doing that, then you are making yourself vulnerable. Because that information that you’re downloading is being stolen by the criminals and has been created to make look like a real information.

So, as you can see, the cybercriminals can be very, very clever. And we have to use a number of systems to make sure that we catch them before they get into our system.

If you need any more information, please contact us. Thank you.

[End of transcript]

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world.

(Video) A firewall does protect you from the Digital World

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses – A firewall does protect you in the digital world

[start of transcript]

Hello. My name is Roger.

I’d like to talk to you today about A Firewall does protect you in the Digital World.

A Firewall is a piece of hardware or software that sits between the real digital world and your device – whether it’s your laptop, your server, your network, your smart device. It sits between the digital world which is out there, and your privately owned piece of it.

And that’s all it’s there to do. It’s there to stop the bad guys coming in to your system and doing damage on your system. It allows information from your system that is requested to go out to the digital world and then come back in again.

And in other cases, it’s very effective about stopping that first level of attack that we have from the digital world.

When it comes to network management and protecting yourself at a network level, then, you need to spend a little bit of money to get a more expensive model of the router/firewall modem component because that is what is going to protect you from the digital world. And that expensive model, whether it’s a FortiGate or a CISCO, or a Palo Alto, is really important because it has a lot more features as well. And we have things like 2nd generation firewalls coming in to the information.

Thank you for listening and if you have any other, if you have any questions, please contact us on the slides after this.

[End of transcript]

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world.

17 reasons why we should be listening to the digital security expert

The same way that we listen to accountants, solicitors and motor mechanics, the digital security expert has an important role to play in supporting your organisation.

Digital security is becoming one of the most important areas of modern business.

For some reason we believe technology in business is easy.  So easy in fact, that we just install it and forget about it.

Anyone can do it.

Like other professions what you do and what you can do are total opposites.  An accountant, for instance, can make you more money by legally changing your tax requirements, or a solicitor can get you a reduced fine or jail sentence better than you could if you were representing yourself.

So a digital security expert can make your organisation more secure because they have studied business and technology, but more importantly they have a better understanding of what the bad guys are doing.

Here are 17 ways that a digital security expert can make your organisation more secure:

  1. They study the bad guys – being a digital security expert is not about selling the next best thing (if there is such a thing).   Being a digital security expert is more about understanding your enemy.   The more you study the cybercriminal the better you get at predicting their next move and being able to be one step ahead.
  2. They keep abreast of what the bad guys are doing  – digital security experts use the same world that the cybercriminal uses to perpetrate their trade.   They are in the dark web, watching, recording and documenting what the bad guys are going to do next.
  3. They understand business requirements  – what most people do not understand is that the digital security expert has to understand business.   They have to understand marketing, management and cash flow.   They need this information to ensure the recommendations that they give to their clients will not impact their business, or have minimal impact on the way business functions.
  4. They understand technology  – in most cases a digital security expert is at the same level of technology understanding that the bad guys are.   To ensure that your business is not vulnerable to a cyber-attack they have to know the technology to ensure it is safe.
  5. There is no such thing as being too small to be a target  – if you have a digital footprint,(yes we all have one) no matter how small, then you are automatically a target of cybercrime.   If you have a smart device, an email address or an Internet connection then you are a target.
  6. There is no such thing as 100% secure  – against popular belief, there is no such thing as being totally secure.   The digital world is ever changing, so are the tactics, strategies and targets of the cybercriminal.   There is always someone else out there who knows that little bit more.
  7. Everyone is a target  – if you have a smart device – you are a target.   If you have an email address – you are a target.   if you have a web site – you are a target.   The larger your digital footprint the bigger the target you are.  The more your footprint will be targeted by the automated systems that are sold by the criminal gangs.
  8. Technology is not the only answer  – there are four components of being secure in the digital world.   Technology is one of them.   The other three are management, adaptability and compliance.   All four components together make a more secure environment than just technology alone.
  9. People are your best defence  – your staff and users can be either your best Defence or your biggest problem.   If you educate them with proper digital hygiene then you will not only get them to protect themselves but also the flow on effect is that they protect your organisation.
  10. Complex, unique and long passwords are good for business  – we all hate these.   To access the digital world we need a username and password combination.   The more we rely on the digital world the more important these components are.   All passwords should always be complex (letters, numbers, symbols, capitals), more than 8 characters long and they have to be unique for each site.  That’s pretty easy isn’t it?
  11. Penetration testing will prove you have it right  – penetration testing is one of the best ways to test your defences.   Penetration testing should also be carried out across all components of the business.   From websites, to cloud Infrastructure, from social media to smart devices.   A contracted penetration tester should have carte Blanche across the whole network.   You are not on a witch hunt or targeting the IT department, you are finding holes in your organisation and finding ways to resolve the risks before you are compromised or hacked by the bad guy.
  12. Think when using social media  – social media is great.   It is also one of the best systems used for social engineering by the bad guys.   Information that is posted to social media sites is there forever.   Educate your staff about the dangers of social media.   Put a social media process in place to ensure that trade secrets and intellectual property is not posted out there, and each post is checked before going live.   In the heated exchange of a social media discussion, think before posting.
  13. Get paranoid  – paranoia is the understanding that everyone is against you.   In the digital world this is truer than our normal world.   Does that make you paranoid? Not really but having the understanding that everyone in the digital world is out to get you makes you more secure.
  14. Use common sense  – everyone remembers the old Nigerian Prince scam, people are still getting caught by it.   There are a number of things to remember on the digital world – if it is free then it is not (you always have to give something to get something), if it’s free it could be infected with malware, if it’s free somewhere along the line you will have to pay a lot more than what you expected.   Using common sense to make that decision is critical.
  15. Email is a broadcast medium – We often forget that although email is targeted, sent specifically to individuals or groups of people, it can go astray.   It could be sent to the wrong person via the email fields being filled in automatically.   Email can also be forwarded, printed and scanned, sent to people who it was not intended.   Like all types of communication be careful with email.
  16. Digital security is a whole of business endeavor  – we are constantly told that digital security is an IT problem.   No it’s not, it is a whole of business endeavor.   Everyone and every department has an impact and input on the digital security of the organisation.
  17. Have a mantra  – I have a mantra “digital security is my problem”. What that means is that I take personal responsibility for protecting myself and protecting others.   The more people who change their attitude to this mantra the more secure your organisation will be

A digital security expert can and will make your business more secure and like any other profession, what they bring to the table is well above normal expectations.   Like accountants and solicitors their expertise can save you substantial amounts of money, sleepless nights and angst, just by them doing their job.

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME digital security framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.

 

(Video) What questions should I be asking about my Managed Service Provider

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –  What questions should I be asking about my Managed Service Provider

[start of transcript]

Hello my name is Roger and today I’d like to talk to you about what questions you should be asking about your managed service provider or your access source I.T. company. There are a number of questions you should be asking before you even get involved with an outsourcing company. Are they stable? Have they been around for a while?

Have they been around for three years or have they been around for three months? Depending on if they’ve been around for three months also depends on what sort of expertise they have. The next question you should be asking is are they scaled.

Your business is booming and you have now gone from ten people to twenty five people in a space of three months. So are they going to be able to manage that scale when that happens for your business? Do they have any experience and the expertise within the business?

Do they know how to set up a Cisco rather or are they going to play around with it and hope for the best? Do they know how to set up a client based server, or again are they going to hope for the best?

Have they got policies and procedures in place to make sure that if John Watts comes into your office to fix something that Peter, the next I.T. person is going to come in and not have to relearn everything that’s been done?

This is really important because if you’re paying an hourly rate he’s going to take three hours to do so that he took an hour to do because he doesn’t know what’s been done and that’s a really big impact on a business.

Another question you should be asking is also are they helping my business. Are they making sure I have the right technology? I’m using the right technology in the right place. I’m using the right systems to make sure things are going to work.

Because if you don’t do that, then your business is going to have problems competing with other businesses and you’re going to have that sort of issues with making sure that you’re competing at the right levels.

One of the other things you should be asking is are they nameless and invisible. Have you had an MSP or contract with a company where you haven’t seen anybody? The only person you’ve spoke to is a voice on the end of the telephone. The only person you speak to is a new man. Are they in your office? Do people see them? Are they seen regularly to make sure that your systems are working to the best level, not just invisible to everybody else?

Thank you very much.

[End of transcript]

(Video) How can a MSP / MSSP increase business efficiency

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –  How can a MSP / MSSP increase business efficiency

[Start of transcript]

Hello my name is Roger and today I’d like to talk to you about how a managed service provider or a managed security service provider can increase your business in efficiency. SMEs have a large problem when it comes to I.T. Not so much that they don’t understand it, but what happens is in a small or medium businesses up to twenty five people, you usually end up with someone who knows computers.

They will be doing all of the stuff that they need to do to make sure the business is working. Those people who know computers might be a salesman. Might be the secretary. Might even be the CEO, who have a lot better things to do than looking after the printer or making sure a database is right.

You are taking people away from their core business and I know CEOs like to work sixty hour weeks, but I guarantee if you take the I.T. worries away then they have a better way of making more money and it’s a better way of doing business.

So an MSP and an MSSP coming to the table as an outsourcing product gives you a large area to be able to work with cause they have better ways of doing business. They understand the technology and they can implement more efficient and effective solutions for your business.

They’re not there just to be—to implement stuff that’s not going to work. They are going to make sure that it’s going to benefit your business and take you to the next level.

Thank you very much.

[End of transcript]

(Video) What is Business Continuity?

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –  Business Continuity

[Beginning of transcript]

Hello! My name is Roger and I’d like to talk to you about what is Business Continuity.

Business Continuity, along with disaster recovery, are looking at critical compartments and functions of the organization and make sure that they will continue to run if there’s an interruption to your business.

So, it counteracts business interruptions to a level where you know that if something is going to happen or something has happened, you will be in a situation where it will be a better problem day forward.

So, with the business continuity plan, you have to have solutions to problems and business continuity does solutions have to have an understanding of how they are going to impact the business of the organizations.

There are two main components of Business Continuity:

Your Recovery Point Objectives –which ones do you want to get up and running again and how fast you need to do that is called a Recovery Time Objective.

And those two components are what you should be looking at in the business to find out what is going to be good for your business and how fast you need things up and running.

But with that Business Continuity, there’s a lot of things. You have to understand that if you have a disaster and you need the business continuity plan or the business continuity has to come in to it, you need to know that you have to spend money to get back to where you were and who has the purse strings and how people access that money is part of business continuity.

Also, you need to have a compliance component. The compliance component make sure that your business is up and running and protecting everything that it needs to protect your tasks.

Thank you very much.

[End of transcript]

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   Rapid Restart Appliance Creator.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world. 

(Video) What is Business Continuity Planning

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –   what is Business Continuity Planning

[Beginning of transcript]

Hello. My name is Roger and today I’d like to talk you about Business Continuity Planning.

So, What is Business Continuity Planning? Well, that is making sure that if something happens to your business, that the business is going to continue as business as normal or if something has happened and it has a detrimental effect on you, how far or how long is it going to take before you get back to business-as-usual.

Today in business continuity plan, you have to have an impact analysis of what risks and mitigate those risks to make sure that you have the best in place of things if things go wrong that they could recover from.

So, you need to have your Recovery Time Objectives – what is critical to the business, how fast does it need to be backed-up? If something fouls and it is critical to the business, can it be done at all? And if it does go down, what are you going to do about it?

But also, you need to do a risk assessment and this is all about risk. You’re looking at the risks of the business and making sure that you are taking overly-expectant consideration in making decisions based on those facts. If you need email to work all the time, then that is a business continuity consideration. If you need your database to be accessible at all times for the website, then that is a business continuity assessment. And then you have to mitigate all those risks to put systems in place so that your business continues no matter what.

So if you have a on-site, website server and your internet goes down, then you lost a large component of your business. So how do you make sure that doesn’t happen? Well, you have to download systems or you move your server, you mover your website to a cloud or to a cloud-server or to a hosted system. But on top of that, you have to also keep monitoring and testing to make sure that if things are changing, how do we make sure that business continuity is changing with them. And if we add things or remove things, we have to change the plan to make sure that we are no longer consuming the old technology and we are now using the new technology.

Thank you very much.

[End of transcript]

(Video) Lets discuss Cloud, Mobility and IOT

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –  Cloud, mobility and IOT

[Beginning of transcript]

Hello. My name is Roger. Today, I’d like to discuss the Cloud internet things and mobility for small and medium businesses. And it’s now the catch-phrase and soon to be followed by things like 3-D printing, because Cloud IOT, mobility, BOYD ( bring your own device) helped changed the face of business in the last five years.

They changed business in two ways: they made it cost efficient to use in some of of the systems because you’re negating from operational expenses of viable hardware and software to a capital . . . try again, you go to a capital expense viable hardware and software and making it all work to an operational requirement. So, you’re paying as a monthly fee, just like you’re paying your telephone bill and your electricity.

And the cloud is made to happen and the cloud is making it happen across the board, worldwide now. Someone in Somali can run a multinational business just as long as they have an internet connection. But the internet affairs is a lot of things that we really factor in. The air-conditioner over there, depending on how complex it is, will have some component of internet things.

You see, the internet things will compromise to a level where the refrigerator will send out 10,000 spam emails or a television has been taking photos of what is happening in the world. And then, there is of course the utilization of both of these components that makes the mobility of your workforce a really important factor in having your business because you are now in that level where he can say to a person, “Here’s your tablet and everything you need on it is now ready to go”.

But as I said, 3-D printing is going to be something that is going to be revolutionized in the manufacturing business because they are going to be able to take a design, get printed and get delivered to you in a matter of days, something that we haven’t been able to do for a long, long, time.

So, what we’re looking at with cloud IOT mobility is the industrial revolution part-2, that we haven’t quite come up in another year on what we are going to call it again because we are still in the middle of it.

Thank you.

[End of transcript]

(Video) How can the Cloud be a better way of doing business?

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –  How the cloud can be a better way of doing business.

[Beginning of transcript]

Hello. My name is Roger and today I’d like to talk to you about How the cloud can be a better way of doing business.

We all heard about the cloud. It’s a case of we demand move a capital expense on hardware and software to an operation expense where we are only paying for the use of systems. And because we’re doing that, it’s now a lot more cost-effective to use the cloud to do what we need to do.

It’s not going to cost me $25,000 to set up a server, it’s going to cost me $500 a month. And if you think about $500 a month could be expensive, so you look around for cheaper ways of doing things. But also, the cloud makes it convenient.

I consider the café down the road and I can pay my bills or I can transfer money to my employees or I can buy stuff. And that makes it really convenient for me as a business owner to be able to do anything I want.

And that is one of the reasons why the cloud is becoming a better way in doing business because it is cost effective and it is convenient. And those two things are really important to any small business.

Thank you.

[End of transcript]