There *is* a common thread running through these three things.

Hi. I'm Jon Fedor and this is InCyber Regular, edition 21. InCyber is *back* with a vengeance after a six week hiatus. Thanks for sticking with me. And...for...clicking on this email?

At InCyber I talk about cyber-related issues and security-awareness for smaller enterprises, the cyber-curious, and the security-conscious. Sometimes we talk tactics, sometimes theories; always, security.

Today:

1. What happened during the hiatus?
2. Hygiene and flossing
3. Upcoming content!
4. Featured resource

So...Hiatus

What happened during the hiatus? The answer is easy, nunya.

As in nunya business.

But actually: personal security is one of my favorite topics to learn about, converse about, and teach about as well.

I've missed you all. I've missed having a reason to continue to dig into security technology, news, and tactics. I feel like a high school sports star constantly reliving the glory days. Longing for them.

So now I'm back with InCyber and it's time to learn. It's time to grow. Time to collaborate.

Let's call this a soft launch back into the real world.

Welcome back!

Hygiene and Flossing

It's just like flossing your teeth.

The sexiest thing these days is: passwordless!

You may have noticed. If you haven't don't worry, you will. Just when you though that no one could top "digital transformation" for the biggest trend that doesn't have any concrete meaning, here comes the passworldless future.

I was watching replays from a security conference this week. One of the guests presenters named a whole bunch of problems with passwords. Named them off one by one: they're too expensive, they pollute the environment, you have to keep them clean, get insurance for them...wait, that's cars.

Well, the presenter went on to draw this conclusion: the answer is clear and obvious - get rid of passwords.

I felt in that moment something that I've felt many others times in my life: "ok genius, that sounds nice but it's a pipe dream."

The vision of future technological advancement nearly always outpaces actual progress by decades++.

Regardless of end-user functions and features, passwords are going to be needed for a long time to come. Just like we have EVs driving side-by-side with gas-powered cars on the road today, we have many decades ahead of us where we:

1. Have old-school, legacy technology running everywhere
2. Have many software publishers putting pressure on folks at every turn to go "passwordless" but
3. Where we will still need passwords; ones that require management and use

Passwords aren't going away. The password and authentication ecosystems in our daily technological lives are only becoming more complex and fractured. Time to take back control.

Plans for Continuing Content

What's coming in the future for InCyber Regular?

Here's a quick and easy view for your consideration.

It's based on a question I asked #infosec Twitter this weekend. And that question centers on what common struggles do we all have with the people in our lives who are low-security-knowledge. What are we always telling them?

Lisa Forte, Mac Hertz, and others jumped in and provided some awesome, thought-provoking elements of cyber security to consider in our everyday, personal lives.

Here's a preview of what I'd like to cover in the future as part of these InCyber publications week-over-week:

We're going to be digging into how to STOP exposing yourself online via training on:

1. Using a password manager
2. Multifactor authentication
3. Backups and updates
4. Intelligence around spotting phish and analyzing links
5. Practicing verification

And then we'll cover how to make a delicious, 65% hydration pizza dough.

Or maybe I'll leave that to YouTube.

Ransomware Study

Google published a good, short blog on ransomware. It's a condensation of VirusTotal's study of over 80 million ransomware samples from the past couple of years.

I appreciated this summary of the problem (at this point) we all face:

"One of the main challenges to stopping ransomware attacks is the lack of comprehensive visibility into how these attacks spread and evolve. Leaders are often left with bits and pieces of information that don’t add up."

Here's a link to the Google blog post.

Here's a link to the original study (page 15 is especially good!)

Thanks!

Hanging with you every week is the highlight of my week! I'm more active than ever on Twitter and ramping back up on LinkedIn too. Would love to connect with you in those places.

I'm also going to be working harder to lift up the content of this newsletter and all InCyber content. I'm looking forward to you help with all of that!

If you ever have questions on personal digital security, cyber security news, a story you want to tell, or a favorite resource to share (etc) reply back and let me know!

Have a good'un, Good Lookin'.

~ Jon "Back in Black" Fedor