This episode is sponsored by the CIO Scoreboard
In this episode I interviewed Tyler Cohen Wood who has an impressive amount of experience in Cyber security, and Digital Forensic Security - in addition to helping the White House, the Department of Defense, The Intelligence Community, Federal Law enforcement and even NASA.
In our discussion on security, we talk about the different protections available on Social media and the different types of cookies and how to ensure that you are protecting yourself and your family to the maximum. Read further for more information as we discuss the following important points:
- The best protection is knowledge of how things work
- Super cookies, zombie cookies, flash cookies
- The importance of turning off Exit data on photos that will be uploaded to social media sites
- Downloading Apps - Understanding what you are doing and what you are potentially giving away to companies
- How do others perceive you online? How to research yourself online and see how others perceive you
- Be aware of your individual personal “brand”
- Executive Travel - posting your travel plans and location of working from home or working from a coffee shop
- How to understand online deception and vette people.
- How to become a human lie detector with statement analysis
- Teach your kids how to use a checklist to keep themselves safe online
As a business leader who wants to be fluent on the impact of current privacy and security challenges, you will find Tyler’s message educational on both the personal, work, and family areas of your life.
Tyler Cohen Wood is an expert in social media and cyber issues. She was a senior officer and a Senior Leader and Cyber Branch Chief for the Defense Intelligence Agency. She was a cyber branch chief for the Defense Intelligence Agency (DIA) within the Department of Defense (DoD) where she makes decisions and recommendations significantly changing, interpreting, and developing important cyber policies and programs affecting current and future DoD and Intelligence Community policies. She previously worked for the Department of Defense Cyber Crime Center as a senior digital forensic analyst, using her expertise in intrusion, malware analysis, and major crimes to bring about many successful prosecutions. Before joining the DoD Cyber Crime Center, she was employed at IBM and NASA as a senior forensic analyst.
She wrote the book Catching the Catfishers, where she explores the digital footprints that we all leave behind, whether we realize it or not. The book sheds light on a comprehensive set of online security components and teaches readers how to best protect their personal information from being put out and circulated on the web. She co-authored the textbook Alternate Data Storage Forensics and was featured in Best Damn Cybercrime and Digital Forensics Book Period.
How to contact Tyler:
Catching The Catfishers: Disarm the Online Pretenders, Predators and Perpetrators Who Are Out To Ruin Your Life
Alternate Data Storage Forensics
Rogue Base stations
Summarized Show Notes:
- “The best protection is knowledge of how things work”. You don’t have to become a coder, but think outside the box and how things can be a threat to you, your family and corporation.
- Understanding the impact of a company like Spokeo. Thoughts on personal privacy – do we have any anymore? Even if you never go on Social media or don’t use a smart phone. But there are other people posting things about you. You have a digital presence. When you read the Terms of service on apps, they will tell you what they are collecting and how they are collecting.
- We should try to secure companies with data like Spokeo. The book is about what we can do individually to take control. EU regulations - will be interesting to see what happens to see how companies can work around data.
- Photos - takeaways regarding privacy settings on this. Exif data. Pinpoints the exact geographic location from where the photo was taken. When you are dealing with a predator after your child, you don’t want too much information being taken from your child. Bad guys - are really good at what they do. But you can turn it off.
- Knowledge is empowerment. Understanding what you are doing and what you are potentially giving away to companies. Decisions can be made on what you want to do to use it.
- Cookies - obscuring identity through proxy systems. Super Cookies, Zombie Cookies and Flash Cookies. Cookies have a format - you can delete cookies. Usually used to auto-login to a site. But now - different companies are getting smarter and using zombie cookies that are harder to remove. To find out more about you to sell you stuff. Things you can do if you want to protect yourself. Don’t use applications as much, try to use the websites. Sometimes the cookies are polymorphic.
- Insurance companies and health companies - building profiles on us, with automated tools. Powerful tools - building up a story about us online. Sometimes people are more realistic about who they are on social media, sometimes not. IRS - utilizing this technology. This is stuff we have chosen to put out. When you take the posts from the perspective of an HR person would to find out about you - you might find out a lot about you to find out who you are. If you never post things, but you like a certain persons posts. That will tell us a lot about who we are as people.
- How do we assert some sovereignty over our life? What would an observer see about ourselves? You want to research yourself online. Sometimes privacy settings change. Do you want employers seeing this and a bunch of strangers seeing this? It’s a perception. Perceptions become reality.
- Think about it as your brand. When you post about your children and how your children are doing. Privacy settings can and will change. If you are posting things which you think is private. Someday that information might be available to college boards or recruiters. Set up a private group if you want to talk to a private group.
- As an executive, it’s very easy to find your address. Very easy to set up things like man in the middle attacks targeting that particular person. Rogue Base Station, Stingray, IMSI catcher. Those people can put updates through malware that given them control of your device. Base station you put in that your phone will connect to as the strongest signal that may be in a coffee shot. You will go through the rogue base station instead of the actual provider signal. People learning your pattern of life.
- Catching the Catfisher - what does it mean? What is purpose of the book? Teach people how to understand Wild West domain and empower themselves in ways that are easy to understand. To read deception in the online domain. Understand if those you are talking to are really who they say they are.
- Value in the book from purely understanding deception and becoming a human lie detector. Statement analysis. Deception techniques are important.
- Having a checklist is a way to engage your kids in the security instead of them feeling attacked
- Browsers can take control – Tyler personally uses Chrome. Added security features. Depends on what you want to use.
- Instant messaging - cyber dust. IMs. Context of messaging versus transport of messaging. Cyber dust - it disappears. If traversing through a network and network is keeping those packets it can always be re-constituted. There are low tech solutions to high tech issues. Someone can take a photograph of what you sent and send that around.
- As society we have to be aware of what we are putting out there because we don’t know where we’ll be 5-10 years from now.
- If there’s something that you want to do, don’t let anybody tell you that you can’t. If there’s something you want to do and you know it’s right, go for it, because you can do it.
This episode is sponsored by the CIO Scoreboard
All methods of how to access the show are below:
Leave a podcast review here
How do I leave a review?
Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT Business Leader. Follow Bill on LinkedIn and Twitter. Subscribe below for weekly podcast, CIO Mastermind and CISO Mastermind updates delivered to your inbox easily and effortlessly.