Disasters can strike without notice, which is why now is always the time to prepare; Before a disaster is upon you. Out West, we have increased risks of fires, in addition to the ever-present shakes on the Richter Scale. The Gulf Coast is used to Hurricane Season and the Midwest is accustomed to tornadoes, but is anyone really ever used to disasters? One of the fastest-growing risks in our lives in the Digital Age is cyber-attacks. I will cover them below.
This week I attended a Cyber Security Forum. It is certainly a hot topic in the wake of the Colonial Pipeline ransomware hack. And that followed the SolarWinds breach, which the extent of the damage is still not fully understood. On the panel was:
- Ian Bremmer, Political Scientist and Founder of Eurasia Group
- Brad Smith, President of Microsoft
- Juliette Kayyem, National Security Analyst and Former Assistant Secretary for Intergovernmental Affairs at the Department of Homeland Security
- Jane Harman, Former Congressional Representative and current President & CEO of the Woodrow Wilson Center, as well as a member of the Homeland Security Policy Committee
- Wolfgang Ischinger, Former German Ambassador to the United States and current Chairman of the Munich Security Commission
“Cyberspace is a tool and a weapon.” That’s the consensus view. The lines between peace and power have been blurred. American infrastructure, more and more, is run in the cloud. The world relies on the constant flow of information in the cloud for modern society to exist. It’s very disruptive when it’s compromised. Our National Security is in the digital space now as much as it is in the physical space; Perhaps even more so. That’s only going to increase.
The Colonial Pipeline hack should be another wake-up call. The problem is, many seem to still be sleeping on cyber risks. Best practices for cybersecurity are simply not being used. The sophistication of hacking continues to increase. The group agrees that there’s going to need to be more public/private alignment. That means Business and Government need to coexist together. There is a precedent for this. It’s the relationship that Lockheed Martin and Raytheon have had with the Department of Defense for decades. Going forward, the Tech Titans could take on that expanded role with Uncle Sam. What complicates the matter is the constant talks of breaking up Big Tech in America. There’s political momentum on this subject. It’s very complicated. That said, there’s no chance of China breaking up its Tech Titans. Quite the opposite; They control them. The Digital Age is all about Data. With 1.4 Billion people, China owns a great deal of data, and the nation studies and uses it to its advantage. That is no small deal. China might lack the innovative DNA of America, but they have the desire and the resources. And China has become an innovator. They’re certainly ahead in 5G and making major strides in Machine Learning.
Here’s the greatest obstacle: There are no global rules for cyberspace. The Digital Age has been created with new technologies and no architecture. Governments have been in chase mode all along. The same thing happened with nuclear weapon development in the mid 20th century. It took decades for treaties and nuclear rules to take shape. The panel believes there is no chance of a re-set in relations with China and Russia anytime soon. Relations are more strained since the Cold War. Activity in the South China Sea just this week supports that notion. It’s believed that China and Russia can actually match the US with cyber capability and are clearly willing to use it; they already are. Russia is believed to be behind both the Colonial and SolarWinds hacks. There has been little consequence. Everyone knows it. The bad guys are unafraid, so they keep going. The United States spends 7X what others spend on cybersecurity. The USA is the biggest global target.
Many are calling this a New Cold War. However, the landscape has completely changed. China isn’t investing in nuclear capabilities. Their R&D is focused on cyber in the Digital Age. Governments support hackers. Much of the activity is state-sponsored terrorism in cyberspace. America never envisioned a world where the rest of the world did not want to be us. China has made it clear, they don’t want to be like the US. China wants to be China, dominant in the 21st century. That’s as important a message as any.
The panel believes that the Private sector needs to lead with Government support. Currently, it’s the Private sector’s responsibility for the vast majority of infrastructure protection. Lines are definitely blurred. The group said that President Biden’s Executive order is a good start. It’s an important first step. It increases defense lines. Now, Private firms that do business with the Federal Government must share information and prove their security protocols. A big problem; Our government is very dysfunctional right now. We don’t trust our own government, let alone those overseas. Trust is the currency of diplomacy. We’ve lost it.
Disinformation is perhaps the biggest risk in our nation. That is the belief of this panel. That was the case in my session with Panetta, Bolton, Flournoy and Mullen too. The political divide, expands to social and economic; And it’s wide. Confidence in our institutions, government, health, and academia has shrunk. A major issue is the fact that many people only believe disinformation happens to other people, not them. They tend to believe what they want to believe, and social media provides silos of reinforcement. There are so many echo chambers of non-truth telling today. It’s becoming so hard to escape and seek truth.
What can we do to protect ourselves from cyber hacks? Here are some tips we’ve circulated before, but are timeless best practices:
10 Tips for Cyber Safety
Cyber threats are increasing in both volume and sophistication every day. Guard your information closely!
1. USE PASSPHRASES
A passphrase is an unpredictable password in the form of a sentence that is at least 12 characters long. Never use the same password for multiple accounts. Don’t share your passphrases or passwords with others.
2. APPROACH EMAILS WITH CAUTION
Phishing emails can look a lot like messages from a trusted source, including friends, financial institutions, companies or services you use regularly. Do not open messages that appear suspicious. Do not click on links in messages that appear suspicious or ask for personal information. If you are unsure of an email that appears to be from a trusted source, contact them using contact information you have in your files, not what is listed in the email, in case it is fraudulent.
3. DON’T SHARE CRITICAL DATA VIA EMAIL
Do not provide your personal information to anyone via email, including account numbers, social security information, usernames or passwords. When sharing critical data on websites, make sure that you’re on an authentic and secure website. Look for the “S” in HTTPS and a lock symbol in your browser address bar. The “S” stands for secure.
4. STRONG AUTHENTICATION
A 2-step verification process provides an extra layer of security beyond your username and password to protect against hijacking. Many online services offer this additional security protection as an option.
5. BEWARE OF HOTSPOTS
Stick to secure Wi-Fi networks that use encryption. It is secure if you’re asked to provide a WPA or WPA2 password. Hotspots in public spaces are often not secure. It is best practice to use your smartphone as a hotspot.
6. KEEP YOUR SOFTWARE UPDATED
Keep your software, apps and security programs updated. Download and install updates whenever they are available immediately. Updates often resolve known security glitches.
7. BACKUP IMPORTANT FILES
Protect your data by making copies of all of your important files, including photos and music to medical and financial information. Be sure to store the device that holds your copied files in a secure location – or you can use a cloud backup service.
8. KEEP IT ALL IN THE FAMILY
Ensure that your family members, including children, understand the importance of cybersecurity. Help kids learn to create strong passphrases that are unique and suitable for their ages. Some things need to be kept in the family, including passwords! Remind your kids to always log out of an account when they are done with a website.
9. CHECK YOUR CREDIT REPORT & STATEMENTS
Check your credit report and statements regularly. You can check each of the 3 credit bureaus once per year at: https://www.annualcreditreport.com. Be sure no one has opened accounts in your name and check for other suspicious activity. Monitor activity on your checking, credit card and financial accounts for unknown transactions. If you locate any suspicious transactions, report them to the institution immediately.
10. IF YOU BECOME A VICTIM, REPORT IT
If you experience a Cybercrime, contact your local law enforcement right away. You should also reach out to the Internet Crime Complaint Center and the Federal Trade Commission. Remember to document, document, document! It is crucial to keep any evidence you may have related to your complaint.
Natural Disasters
Natural disasters seem to be larger and more frequent these days. Whatever the reason, the climate is changing. That’s certainly the case in the Bay Area. Fire Season started earlier than ever in California. I just can’t believe Fire Season is even a thing; But it is. Your local community can be a great place to start your preparation. Communities often have emergency notification systems where you should register, as well as evacuation plans and other vital information specific to your location. Here are some best practices to be prepared for a natural disaster:
FAMILY PREPARATIONS
- Prepare “Go Bag” backpacks for your home, car and work containing supplies for up to one week. Kits can be purchased, or you can build your own. Be sure to include: Cash, passports, water, food, can opener, first aid supplies, medication, hygiene items, flashlight, radio, batteries, solar charger, clothing, sturdy shoes, heavy gloves, small tools, supplies for your pet, copies of important personal documents and photos of your family and pets (a memory stick works well for this).
- Tools and items for emergency shelter should be kept where they are easily accessible.
- Have a plan to evacuate and to reconnect with family members if power and cell phones are out. Choose a place to meet close to home and one outside the neighborhood. Identify someone out of the area to call with information. Practice with your family.
- In an emergency, the Red Cross has a “Safe and Well” service where someone in a disaster area can post their information and other family members can search for them. https://www.redcross.org/get-help/disaster-relief-and-recovery-services/contact-and-locate-loved-ones.html. Let your friends and family know about this if you plan to use it or another service.
- Update your CPR and first aid skills; consider CERT training (Community Emergency Response Team). Many communities offer these classes. To find yours go to your community resources or https://www.ready.gov/community-emergency-response-team.
- Have copies of your important documents stored offsite – in the cloud or a secure place outside the potential disaster area. These include records for health, home, insurance, Personal ID, estate documents and keepsake photos.
FIRE PREPAREDNESS
- Create and maintain a defensible space by clearing brush and other flammables away from your home, gutters and roof.
- Use fire-resistant roofing, siding, enclosed eaves and fire-resistant air vents. Don’t forget decks, fencing and outbuildings.
- Check your smoke detectors and fire extinguishers to be sure they are working.
EARTHQUAKE READINESS
- Retrofit your foundation and add bracing as appropriate for your home.
- Secure large appliances, tall furniture and your water heater. Use flexible gas and water lines.
- Know how to properly turn off gas, water and electricity to your home. Contact your utility company if you are unsure of the procedure. Consider having an automatic gas shut-off valve installed by a professional.
FOR YOUR FINANCES
- We recommend having some funds set aside that are liquid and quickly accessible in case of disaster. This can be in an investment account or a bank account.
- Periodically have your homeowner’s insurance policy reviewed by your broker to be sure it will provide the coverage you need to repair or replace your dwelling. Many homeowners only find out that they are underinsured after a disaster.
- Flood and earthquake require separate insurance policies. Work with a qualified broker to discuss this coverage if you are in an area where these disasters could happen.
- Make a detailed inventory of your valuable items – photos and videos are helpful. Store this offsite with your other important documents.
Mind over matter. The best decisions are made when you can think rationally and logically. Stress brings out emotions, which doesn’t always lead to the best decision-making. Especially when you’re frantic. I playfully remind my Team about the 6 P’s in everything we do. Proper Preparation Prevents Piss Poor Performance. It’s a motivator. But there’s nothing playful about emergency preparations. Too many people put it off or flat out neglect it. When an emergency happens, it might be too late. Our total commitment and relentless focus for you are well beyond the portfolio. Please consider using these best practices to your advantage. Spread the word. It’s part of achieving and maintaining financial fitness.
Have a nice weekend. We’ll be back, dark and early on Monday.
Mike