All Posts by Hana LaRock

About the Author

Hello! My name is Hana and I am the content writer for Smeester & Associates. I was born in raised in Long Island, New York, but I have lived abroad and traveled many places over the last four years. I currently reside in Mexico City. It's been an exciting challenge to write about topics associated with the importance of cyber security in small business. Every day, I myself am learning more about this industry and what it can do for small business owners around the country. I have years of content writing experience and I have been published on both print and web. Any topics you want to see discussed here? Shoot me an email at info@smeester.com.

CEO, technology stakeholder, IT
Jan 28

So, Who Is The Cyber Risk Stakeholder at the Executive Level?

By Hana LaRock | CEO Best Practices , IT Best Practices

“With great power lies great responsibility.”

Even in the smallest of businesses, there is a certain hierarchy of power. And, despite what could potentially go wrong at each level, either by a team or an individual, the question is, who should take the blame?

Ultimately, there can be a lot of things a CEO already has to take responsibility for, even if something which occurred wasn’t technically their “fault.” While it may feel good for a CEO to point fingers at his or her employees, that would be doing him or herself a huge disservice. And, at the end of the day, it doesn’t fix the problem.

The only thing you need to be responsible for when it comes to your network’s security?

Finding someone else to take the responsibility.

If you utilize the services of a CIO or another outsourced cyber security professional, he or she will become the cyber risk stakeholder at the executive level. This way, you can do what you do best for your business, while this person takes care of the rest.

Wouldn’t it be nice to put such a serious responsibility into the hands of an expert?

When Common, Not-So-Serious Cyber Threats Come Through

Cyber threats nowadays can happen at any moment. We’re talking everything from entire system shutdowns to unexpected data breaches. While certain problems are more likely to happen at a small business than opposed to a larger business, if you’re business is onto something good, then hackers may be onto you, too.

And, if you’re a small business, you most likely have an IT guy or an IT team helping you to avoid these cyber threats. Though sometimes, the occasional virus will get in or someone may accidentally delete important files.

Like any employee, IT people put in a lot of time and effort into making things go right. However, their role is a little bit different than that of an outsourced CIO. While IT may be around to fix things up in the office, they aren’t the ones that should be taking care of your network’s entire security and compliance plan. It’s essential that situations in terms of security are unbiased and thus taken outside of the office.

This is why you call an outsourced CIO, who is an expert in risk management and cyber security. This way, if a serious problem does occur, they will be in charge and held fully accountable; not the IT guy, not you, and most importantly, not your company.

When a Serious Cyber Threat Succeeds in Breaching Your System

Hackers work in all different ways, as do hacks and the way they affect your business. Sometimes, a hack can really set a small business back. It can cost you a lot of time and money when it comes to making repairs.

These are bigger, more serious cyber threats which lead to complete data breaches and ransomware. Sometimes, they can’t be solved, and the damage has been embedded way too deep to even try. In these cases, it’s less likely a CEO is going to be empathetic to their IT team, or design team, or content team, or whatever team it was that was ultimately the one to “click the big red button.” It may cause a lot of frustration. But, it happens.

Thankfully, when and if these problems do occur, if you’ve made the right choice about utilizing the services of an outsourced CIO, they, as the cyber risk stakeholder, must take the blame. That’s their job. They’ll handle the audits, the lawyers, the victims, the repair plan, while you go about business as usual.

CIOs Take a Lot of Stress Away from CEOs

With start-ups or small businesses, there is a lot of “figuring out” that a company needs to do together. Problems will come along that no one could have predicted. But, when a CIO is responsible for anything serious that may happen, it takes away a lot of potential stress and finger pointing that could happen if you were the one meant to take the responsibility.

Why worry about something else when you already have enough to worry about? An outsourced CIO is an expert in what they do. Leave it to them.

Smeester & Associates can help CEOs like yourself make the right decisions for your company, whether those involve cyber threats or other concerns in your IT department. To see if you’re at risk of a security breach, take our RiskAware™ Cyber Security Scan & Report today.

free public WiFi, Travel, cyber security
Jan 11

The Risks of Free Public WiFi and How To Stay Protected During Travel

By Hana LaRock | Security

So, you’re traveling for business and you’re going to have to do work whenever you get the chance. You’re thinking you’ll find tons of trendy cafes, airport waiting rooms, hotel lobbies, and who knows what else…maybe even food courts and mall restaurants, to do your work at.

As you already probably know, connecting to public WiFi networks is a risk for anyone. It doesn’t matter if you work for a big or small company, or if you’re just surfing online for your own personal business. Someone who wants to get in will do it, and it won’t be hard for them to do so. But, when we see that there is a free network for us to connect to, we get excited. Free?! How great.

Well, not exactly.

Why would you make it easier for hackers to get to you?

Putting a little money into making sure your network is safe and secure while you travel is certainly worth it. But, we also understand that you want to save where you can.

So, here are some alternatives to that public WiFi.

To Avoid Sensitive Info Getting Stolen, Get a VPN

Connecting to a free public WiFi network makes it easier for someone to take your sensitive info without you even knowing it. You could be going to make a transaction or be collecting information from a customer when someone can just slip right in there.

However, this can be solved by getting a VPN, which makes it safe to do transactions over a public network. So, if there is no way to avoid using the free network at the airport or a hotel, then this is the route you want to take.

A solid VPN shouldn’t set you back too much. You can find some VPN services as low as $4 a month. Take a look at TheBestVPN.com for more information on the best VPN choices out there.

To Stay Safe, Stick to One Device

One way to be more susceptible to hackers is by using a mobile device. While it’s tempting during travel to use tablets, phones, and anything else that’s essentially “mobile,” this can put you at risk. For one, setting up security systems on a phone is definitely more of a puzzle than doing so on a computer. Second, it’s a lot harder to tell with a mobile device if you’ve been hacked or not.

To stay safe while you’re traveling, do yourself a favor and stick to just one device. Sure, you might bring your phone and tablet along for the trip. But, if you’re going to be doing any work or personal stuff, then keep it all to your computer or another device that’s already secured for these kinds of connections.

Watch Where You Plug in Your Devices, and Carry Your Own “Outlets”

Have you ever noticed at airports or malls that there are charging stations? What about USB outlets in a rental car? While this may not be quite the same as a free public WiFi network, it’s similar in that it’s something convenient that can present huge consequences. Of course, not everything is a risk, but it’s nice to be aware of these things.

If you really need to charge your device, consider getting your own power bank, or charge up in safer places.

Substitute Free Public WiFi Networks for Your Own Hotspot

Nothing is ever 100% safe, especially when it comes to protecting your sensitive information. Even when you have to “pay” to use a public network (like buying a cookie at a cafe to get the password) there are still no guarantees. There are also no guarantees that the WiFi you connect to will be strong enough to allow you to conduct business.

So, to fix all of those potential problems, consider bringing your own secure connection. Nowadays, it’s easy to find personal hotspots at mobile carrier stores that cater to your needs. You can also use your own phone as a hotspot, but like always, make sure it’s secure.

Do you need some cyber security tips for upcoming work travel? Smeester & Associates can help you get all the information you need.

In the meantime, try our RiskAware™ Cyber Security Scan & Report to see where your security currently stands.

Dec 29

10 Ways Ransomware Can Affect You if You Don’t Take Charge

By Hana LaRock | Ransomware

Ransomware is a nasty type of virus that extorts people for money by essentially blackmailing them. When it comes to major companies and even small businesses, ransomware can seriously take advantage of you and anyone else involved. And, as we all know, ransomware can affect our personal lives as well.

Unlike other types of hacks, ransomware is not easy to get rid of. Often, people need to either pay the money or risk losing all their data instead.

Don’t let ransomware take over your business or your life. Here are the ways ransomware can affect you if you don’t take charge. (And, by take charge, we mean taking all the cyber security precautions there are, including backing up your data!)

1. It can take away everything you’ve worked towards

Ransomware essentially takes your data hostage. If you’re a small company who has put in a lot of work to get your business off the ground, this is a huge disappointment. If you’re a major company, you’re going to have a lot of backtracking to do, and a lot of “‘splainin'” to do, too. No one wants to have to start back at square one again.

2. It can force you to pay up

If you didn’t back up your data and you’re not in a place to lose everything you’ve worked for, then ransomware can force you to pay up. Though the FBI discourages paying these cyber terrorists, it may be the only way to get back your important data.

3. It can ruin your reputation

If people are familiar with your company, a ransomware attack can seriously ruin the reputation you have with your customers. Sure, if you can overcome the ransomware no problem, then it may be that no one will find out and you can move on with your life. But, if your company goes down the drain or sensitive customers’ information gets leaked, you’re really in trouble.

4. It can make you vulnerable to attacks in the future

If we let ourselves get affected by ransomware one time, we’re probably going to do our best to make sure it doesn’t happen again. But, if a ransomware attack happens in the first place, it may mean you don’t have a good cyber security plan in place. Therefore, you may be vulnerable to more attacks in the future. 

5. It can take away your precious memories

When ransomware affects your work life, that’s one thing. But, when it affects your personal life, it’s another. Ransomware can get into your own personal computer and take away your precious memories, including photos, videos, writings, or even conversations you’ve saved.

6. It can take away your “evidence”

Some of us keep very important information on our computers. This can be everything from our tax documents to bank information or photocopies of a passport. In some cases, this type of information is your “evidence.” It’s proof you paid your taxes or proof that you paid a bill. Ransomware can take that away, wreaking havoc on your personal finances.

7. It can access any IoT device

Believe it or not, ransomware has started to affect SmartTVs, video game systems, cars, and other IoT devices. Despite the fact that IoT makes our lives easier, remember, the Internet can be a very dangerous place. With convenience, there sometimes is a catch. You don’t want to be trying to relax and watch TV when a ransomware message appears on your screen.

8. It can take away privacy in ways you wouldn’t believe

Amazon Echo may be helping to solve a murder, as it may have recorded the mysterious events that took place. While this is bad news for the murderer and good news for the family, it makes a lot of us wonder how private our lives really are when we invest in all this smart technology. Ransomware and other type of hacks can lead to us being watched and heard without us even knowing it. There’s no telling what or how they will use what they gather against you.

9. It can play a risk to your health

As you can start to see, ransomware can pretty much affect any device, including health technology. This could be any device to help aid a person’s health. Think pacemakers, implants, and in the future, other health machines like digital contact lessons. If hackers can go to any means necessary to make you desperate enough to pay, would you really put it past them?

10. It can cause a ton of stress

The bottom line is that ransomware is a very scary thing. It can come at a surprise and put us in a situation where we really have no idea what to do. It can cost us time, money, and a lot of hard work. This can cause a heck of an amount of stress, that will certainly take a toll on our work and personal life as a whole.

Smeester & Associates can provide you with assistance for your cyber security practices. In the meantime, see if you are at a risk of being hit with ransomware. Take our RiskAware™ Cyber Security Scan & Report to find out.

Dec 21

Can the Internet Really Be That Dangerous?

By Hana LaRock | CEO Best Practices , Security

When we talk about the Internet, cyber security, and how all those things come together, we have to ask ourselves one main question:

Is the Internet really that dangerous?

At one time, maybe not so much. After all, when something so broad and capable is invented before the security aspect of it is created, there leaves a lot of room for not-so-safe possibilities. As more and more people are hooking up to the IoT, there’s a lot of potential for dangerous things to happen. And, we’re not talking about people losing a company’s sensitive data, or a customer’s identification being released. We’re talking about cyber security risks that can actually be physically dangerous to the people involved at a company.

The Risks of Smart Devices

We are already well aware of the dangers mobile devices present. The problem is, in the history of Internet technology, it has always been the product invented first, and the issue of security worried about afterwards. We’ve seen it in computers, laptops, and companies switching over to conduct business on mobile devices. But, what about when the IoT keeps growing and growing? As things constantly hit the market, we’re left wondering if security comes with the rest of the package. And, more often than not, it doesn’t.

So, when a hacker gets into a laptop or a phone, it’s one thing. But, what happens when we start having smart cars, smart light bulbs, smart planes, etc? We already have tablets, smart watches, and virtual reality. What happens when a hacker seriously wants to do harm to certain individuals at certain companies? There are some BAD hackers out there, that will go to any extreme to do what they need to do or get what they need to get.

These hackers could make your company’s self-driving car go off the road. They can make the electricity in your building start a fire. If you run a restaurant with smart appliances, a hacker could shut off everything, risking health and safety hazards for your customers. They could make security cameras go all haywire, making you a victim of something you didn’t do. Like Ransomware, they will extort you and blackmail you for all your worth, even taking it as far as putting your life, or the life of your co-workers and loved ones, at risk.

Things like this have already started happening, and for some reason, companies STILL are not seeing the need for cyber security. What more will it take?

RiskAware™ Cyber Security Scan & Report

When Incentives are Scary, They Work

Cyber security flaws are an absolute epidemic. We’ve seen large company after company be hit with terrible attacks that were very hard to come back from. We recently saw one happen with Yahoo!, and even our own presidential election. No matter how often companies are educated on the dangers of an attack, people in power still do not believe they are at risk. The United States, for example, doesn’t even have enough laws and regulations in place to protect ordinary users. Then, how can any of us be safe?

Is scaring people into spending money on cyber security the answer?

Maybe so. When we are asked whether or not the internet can be dangerous, the answer is yes. While it may sound rather drastic, it’s certainly not unreasonable to think that human life could be at risk as the future of the IoT grows. Is that what it will take for people to start taking their cyber security more seriously? It’s discouraging that seeing others get attacked is the only incentive companies have to rework cyber security into their protocol or budget. But, if that’s the only thing that works, then we’re doing the right thing by making everyone aware of the possibilities.

What do you think? 

It’ll likely be some time before you start worrying about real Internet dangers. But, it’s never too soon to start taking charge of your cyber security, and staying away from IoT until you can fully implement cyber security on those devices.

If this has somehow got you into taking your cyber security seriously, then Smeester & Associates is here to get you on the right track.

Dec 14

Will You Be Ready for 2017’s Cyber Security Threats?

By Hana LaRock | CEO Best Practices , Ransomware , Security

As this year comes to an end, we have yet to see any type of decrease in cyber security threats and attacks. In fact, cyber attacks continue to grow at an alarming rate.

However, as we hone in on the types of attacks there are, it becomes a little bit easier to know what you’re looking for, and potentially stop an attack before it hits. That being said, hackers and the methods they use to take down even the biggest websites, like Twitter, are constantly changing. This is because when people find ways to stop attackers, the attackers find more creative methods to do what they set out to do. Just like any other vicious, drug-resistant virus.

And, as 2017 rolls around, we can expect to see different and more powerful types of attacks. So, the question is, will you be ready to fight them when they come?

The Money Motive

Most hackers are motivated solely by money and will go to whatever means necessary to get a lot of it out of your company. This can be done through the use of ransomware, which is getting more advanced as time goes on. Hackers are going to find stronger types of ransomware attacks, and they will extort businesses for way more money than ever before. Thus, companies are going to have a hard time keeping up with proactive security measures enough to “deter” the ransomware. But, we’ll get to that later.

The Use of Mobile Devices will Lead to IoT Attacks

As people are using their mobile devices to conduct business more and more, we will be seeing more attacks via those devices. Along with this, however, we hope to see people taking their mobile security more seriously than they have in the past. But, despite the desire for protection, mobile device security just isn’t up to par with its stationary counterparts. We’re looking at all different kinds of threats in 2017, from theft of intellectual property to the potential destruction of critical infrastructure. Companies won’t be able to deal with these threats in real-time due to the minimal capabilities of mobile devices to do so. This, unfortunately, can mean bigger and broader attacks across the board than we’ve ever seen.

Increase in Internal Risks and Attacks

One thing we may be seeing more of in 2017 are internal attacks. Because companies are bumping up their cyber security, hackers are needing to find more “undercover” ways to do what they want to do. This could be anything from placing actual insiders in the company to hackers deceivingly targeting your email and every move you make on your various social media outlets. These attackers will try to manipulate employees from the inside into letting in a major breach, causing a lot of serious damage in the process.

But, there is some good news…

More Security Investments and Cyber Deterrence

Despite the fact that hackers will be more innovative in the coming year, so will security vendors and software overall. One trend we’ll start to see in 2017 is that companies will be spending more money on their cyber security than in the past; something that we’ve been certainly been hoping to see more of.

In addition to more spending on security, we’re also likely to see cyber security take a new route…a somewhat Israeli, Iron Dome, kind of route. IT professionals are looking for ways to deter attacks as they happen and stop one right in its tracks. This is a trend we may be seeing more of in the next year, and you’ll want to get on board as soon as this kind of security hits the market.

Cyber security should be a huge concern for any company. But, these companies need to keep up with the times. The data world is always changing and we need to be aware of the trends so that we’re not as vulnerable.

If you want to be sure you’re keeping up with these cyber security trends, then contact us at Smeester & Associates. We have all the tools necessary for you to make the right decision regarding your security methods. Try our RiskAware™ Cyber Security Scan & Report to see your current exposure level.

Dec 08

How to Convince Your Higher-Ups the Need for Cyber Security

By Hana LaRock | CEO Best Practices , Security

Every company no matter how big or small, needs a means of protecting their data and systems. Though, while many of us already know this, others have a hard time actually implementing a comprehensive security plan. The whole, “saying it is easier than doing it” kind of thing.

If you’re one of the many individuals who works at a company where cyber security still has not been put on the agenda or evaluated in the budget, it might leave you feeling frustrated every day you’re at work. You’re constantly wondering what could happen to all the important things you’ve been working on or what could happen to the sensitive information of the customers you’re dealing with.

No matter your position in the company, you feel concerned as to why your higher-ups aren’t taking security more seriously. It seems that despite the meetings, the discussions, and even the obvious need for protection, those in power just aren’t budging.

But, you care. So, here’s how to get the leaders of your company to start making moves on the company’s cyber security.

Get close to who is in charge

If you have been vocal about cyber security for a while, it may be that the person you’ve been talking to about this really isn’t the one calling the shots. Often times at larger companies, you have to go through a whole chain of people before you get to the one person that can actually do something. Whether this person is the CIO, CFO, or the CEO, try and get to know them. Additionally, try to get others in your company on board with you.

Organize a meeting based solely on this topic

Meetings at companies are often brief, where the higher-ups try to get the point cross as quickly as possible. There’s little time to bring up other things, or sometimes to even talk at all. Therefore, if you want to bring up the need for cyber-security, it’s necessary that you organize a PROFESSIONAL meeting based solely on this topic. Approach your supervisor and say “Hey, I know we’re really busy, so can you tell me when would be a good time to discuss this issue?”

Have the facts ready

Some companies don’t see the need for cyber security until they are staring a data breach right in the face. As much as you may be aware of the need for preventative cyber security, it’s clear that that isn’t happening. Therefore, you need to take the initiative.

Find out exactly what it is that could be impacted if there were a data breach. Who would be affected? How much would it cost for the company, directly and indirectly? How much of the budget would it really take to prevent something major from happening, and why should employees like you be concerned? Essentially, design a presentation.

If you’re worried that your higher-ups may not see this as any of your business, you may have to start the conversation casually. “Wow, did you hear what happened to (so-and-so-company?) They just had a major, unexpected data-breach, which cost them (this much) money!”

Take care of yourself

Sometimes, people are really stubborn. Unfortunately, even after trying so hard to convince someone, they’d rather go with the “break and fix” model, even if it means a huge risk for a company. What you can do in the meantime, though, is take care of yourself. If you know basic proactive security measures, like running backups on your system, using two-step verification, and being cautious of BYOD policies, use them yourself, and try to encourage others to do the same. It may be a small step, but it will help. 

If after all this it seems your company is finally ready to start talking about security, then contact us at Smeester & Associates. We have the tools and recommendations appropriate for a company who may just be getting their feet wet but may not want to jump the gun too quickly.


How low is your fruit hanging? Is that bear about to eat you or the other guy?

Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!

Nov 30

4 Ways Using Your Mobile Device for Business Can Put You At Risk

By Hana LaRock | CEO Best Practices , Security

When it comes to technology, there’s no doubt that mobile devices have made both our personal and professional lives way easier. Because of smartphones, tablets, and other kinds of mobile devices, we can take our work with us anywhere and get things done on the go. We can be in constant communication with our employees, executives, IT management, and our customers.

But, while our phones help us in tons of ways, they can also hinder us in others. Conducting certain aspects of business on your mobile device can put you at a huge cyber security risk. Before you conduct any more business on your phone, read up on this.

1. Handling Money on Your Phone

Smart devices give us the incredible ability to manage money from anywhere. Whether it’s accepting money on Paypal, sending money on Venmo, depositing a check via your online banking app, or making an order on a website, there’s really no limit as to what you can do.

Unfortunately, sometimes convenience comes with a catch. The ability to do many transactions from a single device, a device that’s most likely not protected, can lead to attacks from all sides. Therefore, using your phone to handle any type of transaction can make you more susceptible to hackers and other cybersecurity dangers.

2. Having Loose BYOD Policies

Nowadays, many companies are implementing BYOD, or a Bring Your Own Device policy. It’s a way for employees to have more flexibility with their work, as they won’t be limited to what they can do, how they can do it, and when and where they can do it.

While there are many great benefits to BYOD, there are also, of course, security risks. In fact, even though company executives certainly don’t want their employees to be distracted by their mobile devices, the primary reason companies are skeptical about BYOD is because of the risk associated with it. Someone who brings their phone to work can easily connect to a network anywhere they go afterwards. And, if one of those networks isn’t secure, a hacker can get in and access anything that the employee has access too. Most of the time, without the employee even knowing about it.

3. Dangerous Apps

If there was something infecting your phone or mobile device, would you know it was there? Probably not. Detecting malware on a phone might not be easy for the ordinary user. But, it’s great for hackers who want a simple job. In general, most malware types that infect phones comes from suspicious apps. Hackers can get into the phone and easily take any sensitive information you have tied to your business. Again, this can be done without you even realizing it.

We’re not saying don’t download apps. But, if you’re using the same mobile device that you’re downloading apps on as you do for your business, you’re putting your company at risk. Additionally, if you have malware on your phone unbeknownst to you, and then you go and reconnect that phone to your company’s main network, you can infect others in your office as well.

4. More Work for IT

Using your mobile device for business can put you at risk. Even if you’re trying to be proactive, at the end of the day, it’s more work for IT. And, that’s if you’re even running security measures on your phone in the first place. (Most companies don’t.) Your IT team or your security vendor is already doing all it can to protect your network and, most of all, the computers hooked up to that network. While adding on a couple of phones shouldn’t be too difficult, you don’t want to have IT lose their focus on the main action, just so you can bring work around with you (probably to somewhere you shouldn’t be bringing it, anyway.)

That old saying, “Don’t mix business and pleasure,” can be interpreted many different ways. But, in this case, it can’t be any more clear. Your phone may make business run smoother, but it may be only a matter of time before that changes. Sometimes, leaving your phone at home isn’t such a bad thing.

Smeester & Associates can provide you with everything you need to know in making important security desicions for your company. Like, whether or not you should run business on your mobile device. 


How low is your fruit hanging? Is that bear about to eat you or the other guy?

Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!

Nov 25

How to Stay Safe on Cyber Monday (Or Any Other Day)

By Hana LaRock | Cyber Scams , Security

Nowadays, people find it a lot easier to do their shopping, especially their holiday shopping, online. But, when customers from all over the world are using their sensitive information to make purchases, there is always the risk that a security breach could occur. And, that that security breach could put you at a serious risk.

Black Friday is over, and so far, there haven’t been any major incidences. (At least compared to previous years.) While that’s all great to hear, that doesn’t mean it’s time to let our guard down just yet. The cyber threat is still prevalent and we need to be on guard.

If you plan on participating in Cyber Monday or any other kind of online shopping this holiday season, here are a few tips on keeping yourself safe behind the screen.

cyber-monday-theftAvoid Using Your Mobile Devices

Though using your mobile device to make a purchase is definitely time-efficient, it’s not always safe. There are a lot of companies that use mobile apps to cater to their users. While this is a nice thing for both the company and the user, it can also be a nice thing for any hacker who won’t even need to lift a finger to take your information. Stick to a computer that you’re familiar with.

Consider Alternative Payments

If your browser asks you if you want it to remember your card information, don’t check off that box. Even if it’s your own personal computer, this kind of thing makes it easier for anyone to take your information. And, even if you opt out of having your credit card memorized, you should consider leaving the credit card or debit card behind altogether. If you have gift cards, Paypal, or a prepaid card, it’ll keep you a little safer.

Go With Companies You Know

Maybe a lot of those third-party, out-of-country eCommerce sites have some really good-looking deals. And, while some of those sites may be very well legitimate, you should never buy from a company that you haven’t heard of. Stick to the places and the names you know and love. There’s a better chance their online shopping platform is just safer, and if a breach were to happen, that they would at least do their best to make sure you’re protected.

Trust Your Gut

Cyber Monday and the holiday season, in general, are pretty overwhelming days to be on the Internet. There are a lot of good deals out there that are really convincing. But, not all deals are what you think they are. Some are really deceiving. It may not be that there is a hacker running a fake website with fake deals directly behind the screen. But, it may mean that the website you see one of these “deals” on may not be one that’s safe to use, for one reason or another. Therefore, just remember the old advice, “If it looks too good to be true…” Trust your gut before trusting these people with your bank information.

And, if you’re a company…

If you’re a company who is selling products online on Cyber Monday, or any other day for that matter, make sure you’re taking every possible cyber security precaution there is to protect you and your users. You should also consider taking out cyber insurance or consulting with your provider about additional measures. Remember, your customers are trusting of you, and they wouldn’t want a little purchase on your website to lead to a complete loss of their identity.

Cyber Monday is just a few days away. Are you prepared? No worries! Smeester & Associates is here to help. 


How low is your fruit hanging? Is that bear about to eat you or the other guy?

Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!

Nov 16

7 Interesting Facts About Cyber-Security from the Sixth Annual Survey

By Hana LaRock | IT Best Practices , Security

Last month, the whitepaper of the Sixth Annual Survey on the Current State of and Trends in Information Security and Cyber Risk Management was released. As we can see, the survey had a lot of interesting and important information to help small businesses and CIOs make meaningful decisions regarding their approach to cyber security. It discussed key themes, like evolving threats and how companies can build up resilience to those threats. In addition to all the findings and suggestions in the survey, there were also some facts that readers and business owners may find very interesting.

Let us know what you think!

Fact #1: Cyber-security is a thing and should be considered by everyone

According to the survey, 78 percent of respondents from personal data-driven industries purchased a security & privacy insurance policy, compared with only 59 percent from all other industries. Data-driven industries certainly have more sensitive, customer data to protect, which may be why their number is higher. But, either way you look at it, more than half of the industries surveyed take out cyber insurance. That’s a lot.

Fact #2: Not every company outsources their security management (yet)

The study revealed that approximately 60 percent of pre-breach services are provided by internal resources such as IT, risk management, human resources (HR) and legal. While it’s a good idea to outsource security management, we can see that some companies are still relying on their in-house staff for pre-beach services. 

Fact #3: People rely on technology more than we think

According to the survey, when asked to what extent an internet, cloud or technology disruption would impact their daily business operations, 87 percent said it would have a moderate-to-significant impact. That’s a whole lot of people that feel if a breach were to happen, they would really be in a bad situation.

Fact #4: Depending on your industry, you may perceive cyber security differently

76 percent of respondents in the communications, healthcare, finance and banking, and retail industries viewed cyber risk as a significant threat compared to only 55 percent of all the other industries. If your industry falls into that 76 percent, then you may want to consider what aspects of your industry make it more vulnerable and assess your company’s cyber security measures based on that.

Fact #5: Business leaders consider cyber-security as a threat more now than ever before

A question was asked in the survey, “In your experience, are cyber risks viewed as a significant threat by your organization’s leadership?” In response, 83 percent said “yes” for Board of Directors, which is 15 percentage points higher than in 2015. Just a year ago, it seemed as though higher level executives and other leaders simply did not see cyber security as much of a threat that they needed to consider it in their budget. It looks like that’s starting to change.

Fact #6: Hackers aren’t as much of a worry as you would think

According to all respondents, “employees unintentionally infecting the company’s network with malware” is the top concern with 50 percent rating it a high or extremely high risk. So, if you’re an employee, your higher-ups may be worried more about you making a mistake than a dangerous hacker.

Fact #7: Got an attorney? Most companies are relying on theirs for security.

When asked which services are utilized in response to a cyber-security breach, it’s no longer the IT guy. Based on the survey, for the first time, the general counsel is the department most frequently responsible for assuring compliance with all applicable federal, state or local privacy laws, including state breach notification laws. While the IT person at your company should be fully aware of policies, it may be better to play it safe and go with the general counsel for any of your cyber-security questions, comments, or concerns.

Smeester & Associates understands the questions that arise when it comes to protecting your own company’s cyber-security. We’re here to answer those questions and provide you with the tools and recommendations necessary in order to make the best decisions for your company.


How low is your fruit hanging? Is that bear about to eat you or the other guy?

Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!

Nov 11

Here’s Why Those Service Level Agreements Are Important

By Hana LaRock | CEO Best Practices , IT Best Practices , Managed Services

When it comes to contracts in the digital world, there are none quite as important as service level agreements, or SLAs. Service level agreements are the agreements outlined between a service provider and the user. It discusses what the user expects to receive from the service provider, and in turn, what the service provider will provide to the user. A strong SLA should erase any gray areas between the user and the service provider, clearly outlining what the relationship entails.

You do have a say in your SLA

Though the service provider should be the one to present the service level agreement, as the user, you do have a say in what you want it to include. If there’s an aspect of the job that you want to be covered but the service provider didn’t mention in the SLA, you can have them add it in. An SLA is certainly not one-sided.

An SLA provides targets for measuring performance

Whichever sector the service provider is in will determine the type of contractual agreements that are laid out in the SLA. Whether a service provider is providing an internet service, managed services, cyber security, of a combination of these services, the service level agreement should have observable and measurable objectives that are obtainable. If you, as the user, want to be clear about what you’re paying your service provider for, take a look at that SLA.

It explicitly outlines the “what happens when…?”

A good SLA should answer all the questions you didn’t know you had or perhaps the ones you don’t want to ask. Even if we trust our service providers to give us what they say they will, we still want to know “what happens when…” The SLA makes things more transparent, so you can be confident in your decision.

An SLA encourages responsibility and protection for both parties

Anytime we invest money as a user, we need to make sure we’re protected. Likewise, a service provider needs to look out for themselves, too. So, while an SLA can protect you from losing any money, it also protects the service provider from being held responsible for something that may not be their fault. Why would either party want to take a risk?

They can be continuously reviewed and updated

As technology continues to grow and more companies are moving over to the cloud, there’s no predicting what the cyber world holds for us in five years, or even one year, from now. The good news is, an SLA isn’t technically set in stone. While nothing should be changed without both parties’ consent, there is always the opportunity to sit down together and adjust the terms as things may change.


How low is your fruit hanging? Is that bear about to eat you or the other guy?

Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!