Just a Thought
"If you spend more on coffee than on IT security, you will be hacked."
- Richard Clarke, White House Cybersecurity Advisor
From the Editor
Think your data is safe because you've gone from using your dog's name to a longer phrase or quote from your favorite book as a password? Don't be so sure - and be aware of the serious threat to your organization's reputation and financial welfare if you have inadequate password protection.
Ars Technica recently reported on the updated version of the freely available password cracker oclHashcat-plus, which has gone from being limited to guesses at passwords of 15 characters or fewer to a whopping 55 characters in its latest release.
Not only are brute-force cracking programs like this becoming more powerful and more widely available, but hackers are improving old techniques to guess passwords that would have been iron-clad in the past. Check out this quote:
Yiannis Chrysanthou, a security researcher who recently completed his MSc thesis on modern password cracking, was able to crack the password "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1." That's the fictional occult phrase from the H.P. Lovecraft short story The Call of Cthulhu. It would have been impossible to use a brute-force attack or even a combined dictionary to crack a phrase of that length. But because the phrase was contained in this Wikipedia article, it wound up in a word list that allowed Chrysanthou to crack the phrase in a matter of minutes.
I talked over this issue with some friends who work in IT, and the consensus was that the only real solution available is two-step authentication.
Every one of them either has implemented, or has recommended their organization implement (you can lead a horse to water...), a protocol which, should an unknown IP address access systems using an individual's information, sends a text message to the user's phone asking them to respond with verification before it will allow them to continue.
Can it be a bit of a pain in the rear? Well, yes. Is giving hackers essentially open access to your data worse? You better believe it.
If you like what you see in this ezine, please pass it on to others by using the "Forward Email" link at the bottom of the ezine and tell them to subscribe!
(Note: If you just "Forward" using your own email program's "Forward" function and your recipient thinks they're being spammed, they can click on the Opt Out link and opt YOU off the list. So use the "Forward Email" link, please.)
Thank you, and read on.
Interested in repurposing BCM articles or blog posts?
Would you like to share a post with your audience, reprint one of BCM's how-to's for office use, or take students through a set of case studies?
We're happy to give permission for material to be repurposed in just about any way you'd like. Simply submit a request to firstname.lastname@example.org.
Attn: Gmail web mail users
Gmail has rolled out a new inbox for its web-based email users that divides content into various tabs. You've (hopefully!) found our newsletter under your Gmail "Promotions" tab, but if you would like it to go to your "Primary" inbox next time, just drag and drop the email there, or click the star next to it, and you're all set.
By Erik Bernstein
As our readers know well, the field of crisis communications is constantly evolving. That's why we thought it would be interesting to take a look at a Master's thesis from Tegan Ford, a recently graduated member of "The Next Generation of Crisis Communications Pros."
"Crisis Management Quotables...on Walking the Walk" takes a note from American businessman Harvey Mackay on the right way to grow your reputation.
In yet another example of stupid social media use resulting in loss of a job, "Business Insider CTO Canned Over Twitter Posts" looks at how some outrageously inappropriate Tweets left Pax Dickinson looking for a new gig.
Being proactive can make all the difference in a tough spot, but as you can see in "AT&T Policy Fail During Crisis Management for Colorado," when you fail to make a move fast enough it can really hurt your reputation.
A new series on our blogs, "Crisis Management Musts: Media Trained Leadership" takes a look at an extremely awkward wrong-way example of how to cope with a high-pressure media situation.
"Crisis Management Lessons from Tsunami Study" is a look at the impact a monster earthquake off the coast of Alaska could have on California's economy, and a chance for us to ask: Why aren't you prepared?
"Pearl Izumi's Thoughtless Advertising - a Crisis Management Mistake" is yet another example of a failure to predict negative reactions to an ad campaign, resulting in reputation damage.
In another blow to the already-struggling organization, "Boy Scouts Need Crisis Management Again as Sex Abuse Records Ordered Released." With years of bad behavior to atone for, what can Boy Scouts of America do to prevent further trouble?
Disgusting as it sounds, the USDA and the meat industry may as well be asking, "Would You Like Feces with Your Meal?" when it comes to the new inspection program that's being rolled out. When safety inspectors literally say, "we are no longer in charge of safety," you're in trouble.
Apropos of Nothing
Social Media Training
Want to get your feet wet with social media but don't know where to start? Maybe you have accounts, but aren't sure what to post, or how to reply?
Being active on social media is a must these days, but you have to do it right. Erik Bernstein, Bernstein Crisis Management's Social Media Manager, now offers social media training sessions in person or via Skype for groups and individuals.
For questions or pricing info, please email email@example.com
Bernsteins Available to Deliver Free Guest Lectures, Q&A Sessions
Jonathan alone, or the team of Jonathan and Erik Bernstein, are available at no charge to deliver guest lectures and host Q&A sessions with college classes via Skype or Google Hangout. Our latest presentation was to a graduate-level Healthcare Marketing course at Cal State Long Beach.
The lectures are fun for both us and students, and we're more than happy to allow recording for your future use. All you need at your end is a single computer with webcam and a strong broadband connection for us to appear in your classroom in real-time.
Contact us for more info!
Attention Corporate Boards of Directors (and those who serve them).
If you're connected with a corporate board of directors in some way and think that board would benefit from having a veteran crisis management pro amongst its membership, please contact me. -- Jonathan
(aka blatant self-promotion)
Expanded Crisis Manager Bookstore
We've recently expanded the Crisis Manager Bookstore to include offerings from esteemed colleagues like Melissa Agnes, Gerald Baron, Chris Syme and Jim Lukaszewski that cover topics from crisis communication and traditional PR to social media and cutting-edge crisis management. We'll be adding other authors we admire in the weeks ahead.
Visit the new Crisis Manager Bookstore to see all of the material available now!
Keeping the Wolves at Bay: Media Training
Learn how to deal with traditional or social media during a crisis in this educational and entertaining guide from Crisis Manager publisher Jonathan Bernstein. $25 for the hard copy and $10 for the PDF.
Head to the Crisis Manager Bookstore for more information and/or to purchase.
Manager's Guide to Crisis Management
Whether you're a seasoned manager, aspiring up-and-comer, or student of crisis management, Jonathan Bernstein's textbook, Manager's Guide to Crisis Management (McGraw-Hill, 2011) will put you in control of any situation.
Looking for a Turn-Key Social Media Solution?
Missing out on all the promotional, SEO and reputation management advantages of being active on social media platforms? Hire someone to be your voice...like Erik Bernstein, editor of Crisis Manager. He's the one largely responsible for keeping the Bernstein Crisis Management website and social media accounts highly ranked and popular and can do the same for you, while creating a set of valuable social presences that can be turned over to your full control at any time.
Guest authors are very welcome to submit material for "Crisis Manager." There is no fee paid, but most guest authors have reported receiving business inquiries as a result of appearing in this publication. Case histories, experience-based lessons, commentary on current news events and editorial opinion are all eligible for consideration. Submission is not a guarantee of acceptance.
Jonathan Bernstein is both publisher of Crisis Manager and president of Bernstein Crisis Management, Inc., a national crisis management public relations agency providing 24/7 access to crisis response professionals. The agency engages in the full spectrum of crisis management services: crisis prevention, response, planning & training. He has been in the public relations field since 1982, following five-year stints in both military intelligence and investigative reporting.
Write to Jonathan at: firstname.lastname@example.org
Erik Bernstein is editor of Crisis Manager and is also Social Media Manager for Bernstein Crisis Management, Inc.
Write to Erik at: email@example.com
Legal Disclaimer (aka the small print)
All information contained herein is obtained by Jonathan Bernstein from sources believed by Jonathan Bernstein to be accurate and reliable.
Because of the possibility of human and mechanical error as well as other factors, neither Jonathan Bernstein nor Bernstein Crisis Management is responsible for any errors or omissions. All information is provided "as is" without warranty of any kind. Bernstein Crisis Management and Jonathan Bernstein make no representations and disclaim all express, implied, and statutory warranties of any kind to the user and/or any third party including, without limitation, warranties as to accuracy, timeliness, completeness, merchantability, or fitness for any particular purpose.
Unless due to willful tortious misconduct or gross negligence, Jonathan Bernstein and Bernstein Crisis Management shall have no liability in tort, contract, or otherwise (and as permitted by law, product liability), to the user and/or any third party.
Under no circumstance shall Bernstein Crisis Management or Jonathan Bernstein be liable to the user and/or any third party for any lost profits or lost opportunity, indirect, special, consequential, incidental, or punitive damages whatsoever, even if Bernstein Crisis Management or Jonathan Bernstein has been advised of the possibility of such damages.
A service of this newsletter is to provide news summaries and/or snippets to readers. In such instances articles and/or snippets will be reprinted as they are received from the originating party or as they are displayed on the originating website or in the original article. As we do not write the news, we merely point readers to it, under no circumstance shall Bernstein Crisis Management or Jonathan Bernstein be liable to the user and/or any third party for any lost profits or lost opportunity, indirect, special, consequential, incidental, or punitive damages whatsoever due to the distribution of said news articles or snippets that lead readers to a full article on a news service's website, even if Bernstein Crisis Management or Jonathan Bernstein has been advised of the possibility of such damages. Authors of the original news story and their publications shall be exclusively held liable. Any corrections to news stories are not mandatory and shall be printed at the discretion of the list moderator after evaluation on a case-by-case basis.