← The Knowledge Project

#93 Matt Holland: Zero Day

Sep 29, 2020 1h 27m 24 insights
Matthew Holland is one of the world’s leading authorities in cyber security. He explains exploits, hacking, and defending while providing insight on the mind of the attacker, Huawei, Snowden and what you should be asking your cyber security vendor. -- Want even more? Members get early access, hand-edited transcripts, member-only episodes, and so much more. Learn more here: https://fs.blog/membership/   Every Sunday our Brain Food newsletter shares timeless insights and ideas that you can use at work and home. Add it to your inbox: https://fs.blog/newsletter/   Follow Shane on Twitter at: https://twitter.com/ShaneAParrish
Actionable Insights

1. Proactively Secure Your Company

If your company lacks a cybersecurity vendor or assistance, immediately seek one, as every company, regardless of size, is a target for attackers.

2. Prioritize Preventative Cybersecurity

It is significantly easier and cheaper to implement preventative cybersecurity measures and harden your systems against attacks than to react to a breach, a reality that businesses must accept.

3. Demand Holistic Cybersecurity Solutions

Seek a comprehensive cybersecurity solution that protects your data across all potential attack vectors, including endpoint, network, cloud, and IoT components, designed to adapt to future threats.

4. Don’t Fear Seeking Cybersecurity Help

When facing cybersecurity challenges, do not be afraid to ask for help from experts or vendors, as it’s crucial for protection.

5. Ensure Adequate Security Protections

Implement adequate security protections to avoid significant fines and legal obligations for reporting compromises in customer data, especially if it’s shown your company wasn’t taking the problem seriously.

6. Remove Barriers for High Performers

As a leader, remove bureaucratic barriers and quickly provide employees with the tools they need to excel, empowering them to produce amazing results.

7. Unleash Employee Potential

Empower employees by clearly stating goals and problems, providing necessary resources, and allowing them autonomy to solve issues, fostering an environment where they can unleash their full potential.

8. Align Team with Clear Company Goals

Ensure everyone in the company is aligned and moving in the same direction by being straightforward, frank, and honest about internal assessments and clearly communicating company goals to all employees.

9. Foster Team-Centric Entrepreneurship

Entrepreneurs should emphasize that success is a collective effort, not solely about their individual journey, by expressing appreciation for team members and reinforcing that ‘we’re all in this together’.

10. Cultivate Decisive, Confident Leadership

Develop the ability to make confident decisions and avoid paralysis by filtering out noise and focusing on what truly matters, which improves over time with practice.

11. Prioritize Aggressive Execution

In challenging times, prioritize aggressive execution over caution to gain a competitive advantage, understanding that turning great ideas into reality requires focused and effective implementation.

12. Share Knowledge Within Your Team

When you learn something new, share it with your colleagues to foster a strong team environment and mutual education.

13. Implement Multi-Factor Authentication

Use multi-factor authentication for email setups to prevent brute-force password attacks, which attackers use to gain access, profile your routine, and potentially execute financial redirection scams.

14. Limit Public Digital Footprint

Be aware that attackers profile targets by probing online services, identifying easily accessible email addresses on websites, and analyzing social media presence, so limit publicly available information.

15. Seek Problem-Solving Cybersecurity Partners

When choosing a cybersecurity vendor, look for partners who prioritize identifying and fixing your specific problems and helping you improve over time, rather than just selling a generic software solution.

16. Choose User-Friendly Cyber Solutions

Select cybersecurity systems designed for users without technical expertise, ensuring the solution works effectively even if the user doesn’t have a deep interest or background in cybersecurity.

17. Demand Guided Cybersecurity Action

Opt for cybersecurity solutions that provide clear, concise, and guided instructions on specific actions to take when an issue arises, rather than expecting users to research and implement complex technical fixes themselves.

18. Beware Cybersecurity Buzzwords

When evaluating cybersecurity vendors, be wary of buzzwords like ’next generation,’ ‘seamless,’ ‘AI,’ or ‘machine learning,’ as these are often red flags indicating sales jargon rather than substantive solutions.

19. Avoid Bundled Cybersecurity Overload

Do not fall for vendors pushing a multitude of disparate cybersecurity solutions as a single necessary package, as they often don’t work well together and are not all essential.

20. Choose Iterative, Future-Proof Solutions

Prioritize cybersecurity solutions that are iterative and engineered to handle future threats without relying on marketing buzzwords, as these indicate a more robust and adaptable defense.

21. Beware Cybersecurity Black Box

Be aware that the cybersecurity industry often operates as a ‘black box,’ where businesses may not fully understand what they are buying, which can be exploited by vendors.

22. Embrace Solving Hard Problems

Find enjoyment in tackling difficult problems, as this can be a strong motivator for entrepreneurial ventures and personal growth.

23. Pursue Impactful Entrepreneurship

When considering new ventures, choose to tackle significant, world-changing problems rather than simpler ones, as the effort required might be similar but the potential impact far greater.

24. Acknowledge Partner’s Support

Recognize and appreciate the crucial role your partner plays in your success, especially as a workaholic, as their support can be a significant factor in achieving your goals.