Valuetainment - August 27, 2020


Cybersecurity- A $7 Trillion Industry That’s The Biggest Threat To Entrepreneurs


Episode Stats

Length

13 minutes

Words per Minute

193.49992

Word Count

2,705

Sentence Count

235


Summary


Transcript

00:00:00.000 I'm Patrick Medevi, host of Valuetainment, and today we're going to talk about cybersecurity,
00:00:25.240 a $7 trillion industry that's the biggest threat to entrepreneurs out there.
00:00:29.620 So brace yourself, because some of these stats are going to shock you. Let's get right into it.
00:00:33.120 Number one, hackers attack different accounts every 39 seconds. That means every 39 seconds,
00:00:39.980 someone's being hacked. Number two, since COVID-19, FBI reported a 300% increase on reported cyber
00:00:46.760 crimes. Next, 43% of cyber attacks target small businesses. Average global cost for breach is now
00:00:53.660 $3.9 million across the board for small business owners. 95% of breached records come from three
00:01:01.640 industries, government, retail, technology. In retail, they're focused on credit cards, technology,
00:01:06.120 they want passwords, which gets into banking, and obviously government and social security,
00:01:09.960 a bunch of different records. Approximately, watch this number here, approximately $6 trillion is
00:01:15.920 expected to be spent globally on cybersecurity by 2021. I didn't say $1 trillion, $6 trillion.
00:01:23.880 Unfilled cybersecurity jobs worldwide will reach $4 million by 2021. By the way, average cybersecurity
00:01:29.440 engineer salary, $140,000 a year income. More than 77% of organizations do not have any cybersecurity
00:01:36.240 incident response plan. 77%. Total cost for cyber crimes worldwide added up to over a trillion dollars.
00:01:44.500 Average time to identify a breach in 2019 was 206 days, according to IBM. Only 5% of company folders
00:01:51.340 are properly protected on average. Let me say that one more time. Only 5% of all company folders
00:01:57.980 are protected. That's 5% only. Estimated number of passwords used by humans and machines worldwide
00:02:04.760 is officially over 300 billion passwords. We got 7 billion people living worldwide. 300 billion
00:02:10.880 passwords are being used. 56% of Americans don't know what to do once there's an event of a data breach.
00:02:17.220 34% of data breaches involve internal actions. 1 in 36 cell phones have high-risk apps installed.
00:02:25.140 And last but not least, financial services industry takes in highest cost from cybercrime
00:02:31.340 at an average of $18.3 million per company surveyed. Think about that. $18.3 million.
00:02:40.180 So I'm curious, after seeing these stats and hearing me say it to you, what do you think about?
00:02:44.340 What does it make you feel like? Because I can tell you for me, two and a half years ago when I was at an
00:02:48.780 insurance conference, hearing stats like this, I sat there and I said, let me get this straight.
00:02:52.900 I run a business, multiple, I got investments, I got companies, I got family, I got kids, I got
00:02:58.040 all of these different things. How am I protecting myself? So when we came back two and a half years
00:03:01.820 ago, till today, I've spent around $2 million on cyber security. Different analysts we've hired,
00:03:07.240 full-time technology, software, constantly we're putting money into it. Now you may be watching and
00:03:11.800 saying, Pat, I don't have that kind of money, I don't have that kind of a size of a business,
00:03:15.340 but I'd like to find a way to protect myself. That's why this video is sponsored by ExpressVPN.
00:03:20.100 Now if you follow Value Temi, you know we don't say yes to all sponsors, but we decided
00:03:24.200 to say yes to ExpressVPN because we like what they do. They're ranked number one by CNET
00:03:27.740 and wired for what they do, which is a virtual private network, ExpressVPN. VPN is a virtual
00:03:34.900 private network. Here's how it works. Think about it if you're on your internet service provider,
00:03:39.020 you're searching whatever website you're on, your internet service provider can legally in
00:03:44.260 US sell all your data. They can sell it and it's not illegal. If you don't have something
00:03:49.620 like ExpressVPN, they can do that. Once you have it, it's protected. Probably the best
00:03:54.660 analogy I can give you is the following thing. Think about using the internet and you put
00:03:57.680 a condom on. I know it's a weird analogy, but no one can get in to see what you got going
00:04:03.460 on because you're officially protected. So passwords, your IP addresses, you go to any
00:04:08.720 of that stuff, you're fully protected if you have ExpressVPN. A lot of times people say,
00:04:13.460 well, I'll go incognito and I'll go private and I can delete my cookie and my history.
00:04:17.380 They can still track all of that. And the good news is that ExpressVPN is in 90 plus
00:04:21.580 different countries and you can use ExpressVPN to protect your phone, PC, TV, video game,
00:04:27.120 any of that stuff. So if you want to get your online activity protected, go to my exclusive
00:04:32.860 link. It's expressvpn.com forward slash PBD VPN. You see it on the screen as well. We're going
00:04:40.200 to put the link below as well to get yourself started. You may not be able to spend the kind
00:04:44.080 of money we've spent to protect our company, but you can definitely get yourself started
00:04:48.180 with something as simple as ExpressVPN. So having said that, let's get into the biggest
00:04:52.680 data breaches of 21st century. The first one is Yahoo. So 3 billion user accounts in 2014
00:04:58.940 and 2013 were breached. This is names, email, passwords, date of birth, and security questions.
00:05:05.160 That's Yahoo, by the way. That's the biggest of all time. 3 billion. By the way, they took
00:05:08.980 two, three years to tell the world that they were breached with 3 billion accounts. You
00:05:13.780 got Sina Webu, which is kind of like the Twitter of China. 538 million accounts were hacked in
00:05:19.680 March of 2020. Marriott, 500 million customers. That's contact, passport number. Once again,
00:05:26.000 your passport information. 100 million credit card info. That's to come out and tell people
00:05:31.040 that this really took place. Adult Friend Finder. That's 412.2 million accounts.
00:05:36.960 Penthouse.com. Coms.com. Icoms.com. Scriptshow.com. Imagine all of that data that they're going
00:05:43.560 out there breaching, right? MySpace, 360 million accounts in 2013, which is pretty funny here
00:05:49.680 to see the MySpace link with LinkedIn. You'll be surprised what the hacker asked in return
00:05:54.760 to release all that information back. NetEase, 235 million user accounts. This is an email. This
00:06:00.200 was in October of 2015. Zynga, 218 million user accounts. This is gaming. LinkedIn,
00:06:05.980 165 million user accounts. That was in 2016. By the way, watch this. The same person that
00:06:12.440 hacked MySpace is the same person that hacked LinkedIn. You know what all this kid wanted?
00:06:17.700 He just wanted five bitcoins. At the time, it was worth $2,000. Think about it. I hacked
00:06:23.260 these things. I give it back to just give me five bitcoins, right? Some simple kid that's
00:06:27.340 hacking an account. DubSmash, 162 million user accounts. Adobe, big company, 153 million user
00:06:34.140 records. MyFitnessPal, that's Under Armour's app, 150 million user accounts. Equifax, 147.9 million.
00:06:44.080 eBay, 145 million. And last but not least, Ashley Madison, which was 32 million accounts. When that
00:06:48.820 came out, it was mayhem. Everybody was wondering if their name's going to be on the list or not. So now,
00:06:53.060 all of these companies are big companies. These are not small companies. But there are different
00:06:57.540 methods of hacking, which I'm going to talk to you about. And many of the methods of hacking you can
00:07:02.240 protect yourself about. But sometimes, if you're not aware, you get caught because you were not fully
00:07:07.900 prepared on what could potentially happen. These companies, this typically happens because an
00:07:12.920 employee didn't pay attention to what they were doing and then, boom, they got caught. That's how it
00:07:17.160 happens. It's not like these companies don't have the proper protection. Somebody screwed up. Now,
00:07:21.180 watch this. Methods of hacking. Number one, a virus, a Trojan. This is a virus within something you
00:07:27.620 download or install. The moment you do it, virus spreads into your computer and there's many things
00:07:32.180 it can do. Stop your computer, take all the passwords, have access to what you're doing.
00:07:36.000 There's many methods to it. Number two is phishing. Phishing is replicate website to enter login or
00:07:40.940 password. For example, you'll get an email saying, congratulations, we found out you're a celebrity
00:07:46.440 you're officially getting verified on Instagram. Oh my gosh, I'm getting verified on Instagram.
00:07:51.280 You log in, you put in your username, you get your password. Then a 20-minute study guy sends you an
00:07:56.580 email saying, wait a minute, we just got into your email account. You give me $1,000, I'll release your
00:08:00.180 Instagram. You know how I know this happens? It's happened to us before, four years ago, three years
00:08:04.320 ago when this happened to us. It happens to everybody. The best way to figure out for phishing is always see
00:08:09.840 where the email is coming from. So if it comes from Gmail, it's not Instagram. If it's from whatever
00:08:15.200 like johndoeatinstagramxyz.com, it's not Instagram. So it's always good to click on the email to find
00:08:21.520 out who's sending it to you. Number three, eavesdropping. This one is epic because they monitor
00:08:27.360 what you're doing, but you don't even know they're in your system. So they get into your system, you're
00:08:32.140 going on the website, there's no virus. The virus is, I watch everything you're doing. That's eavesdropping.
00:08:37.940 That's a method of hacking. Next one is a fake WAP. Fake WAP is fake Wi-Fi to get access to your data.
00:08:44.500 It's very obvious what that is. Next one is waterhole attacks, which means it's similar to a fake WAP,
00:08:49.560 but they're doing it in a location with a lot of traffic coming in. So imagine a busy Starbucks.
00:08:53.860 Imagine a busy bookstore, a busy mall where a lot of people are tapping into that Wi-Fi, and I can go and get
00:08:59.800 access to a lot of different people's accounts and activity. Next one is DDoSing, which is denial of service.
00:09:04.840 So flooding with traffic to crash your site. It's not really something that they want to get anything
00:09:09.320 from you. It's more to embarrass you. Let me crash the Pentagon website. Let me crash the Facebook
00:09:13.940 website to embarrass them and humiliate them. It's a different method of doing what they do.
00:09:18.660 Okay, keylogger is very simple. This is malware that tracks your keypad. So whatever you're typing,
00:09:23.260 whatever email you're sending, whatever thing you're saying with the keypad, they're able to see it.
00:09:27.040 Next, social engineering. This is fake phone calls. It's also happening on social media, whether it's
00:09:32.960 through Skype. This is when you get somebody calling you and they get you to feel comfortable
00:09:36.780 whether they're representing the IRS, whether they're representing, you have a lawsuit against,
00:09:41.400 you have this against, you feel guilty. Oh my gosh, what's your social security number? Is it this?
00:09:45.660 And you give all your data? Boom, they're already in and then you're in trouble. They're able to use
00:09:49.240 that stuff against you. Next one is Bait and Switch, which is fake ads that takes you to a different
00:09:55.340 place that leads to a virus. That's what bait and switch is. Then it's cookie theft, which is taking your
00:10:01.560 cookies off your computer, which leads to getting access to your passports and many other things.
00:10:06.600 So remember, these are things that are happening. No matter how much you spend, if you don't pay
00:10:12.360 attention to this stuff, it can get you in trouble. So what's the solution? Number one, teach your
00:10:17.100 employees, your family, everybody to know exactly what the potential ways of getting hacked is,
00:10:21.200 but teach them these stats. Our business analysts, they send stats. Mario, on a weekly basis, what is it?
00:10:26.580 Every single week we get stats that come out that tell us everything about cybersecurity.
00:10:29.560 So our employees are always watching out for it. Number two, SWOT analysis with your team and your
00:10:35.500 family. What is SWOT analysis? What are our strengths when it comes down to cybersecurity?
00:10:40.260 What are our weaknesses? What opportunities do we have? What are some threats? Bring in your team,
00:10:45.160 bring in your employees, bring in your family and talk about SWOT analysis. When you do SWOT analysis
00:10:49.260 with your family, you realize you're just giving your iPad to your kids. You don't even know what
00:10:52.120 they're doing. And some of the stuff they're doing, you're not watching. Like, oh, here you go, get on the iPad and
00:10:56.080 be distracted for 30 minutes. They may have logged into your credit card account that's right there.
00:10:59.820 They're not really looking at the stuff. So SWOT analysis with your family and your business.
00:11:04.180 Number three, change passwords. Don't use your pets naming your password and your pet's got its own
00:11:11.120 Instagram account linked back to you, you know, and it's, oh, this is the password. Oh, what an easy
00:11:15.980 guy. Thank you so much for making your password so easy. Change your password. Make it something that
00:11:20.540 makes no sense. Put a sentence that is a long sentence with 30 letters. No one can find that and then find
00:11:26.820 some numbers that are not necessarily your date of birth. Number four, strengthen your home network. Call your
00:11:31.820 service provider and ask them, what do I need to do to make it stronger? Maybe a little bit more expensive,
00:11:36.300 but it's a lot cheaper than you getting hacked. Number five, hire an analyst to do an audit. So for example,
00:11:43.400 say you're a small business with five employees. You may not have a lot of money to spend the kind of money
00:11:47.540 I'm talking about, but maybe you can afford $3,000, $5,000, $10,000. Have somebody come in and say,
00:11:52.460 can you audit all of my stuff that I have in place and use a credible company? They'll come in,
00:11:56.680 they'll look, okay, you're weak here, you're weak here, you're weak there, you're weak. I can help
00:12:00.680 you with this. We can clean this up and they'll help you out. Spend three, four, $5,000, $10,000 to make
00:12:05.520 you feel comfortable about what you got going on. Number six is using certain apps or technology that stores
00:12:10.480 all your passwords. There's a lot of credible ones. You can go look them up for yourself. An example of a company
00:12:15.360 is KeePass. K-E-E, Pass. These are some of the softwares and technologies that store 40, 50
00:12:21.280 passwords. You know a lot of time you've got seven different passwords. Like, I forgot the password
00:12:25.480 to this. I forgot the password to that. But you save it in a place that's not saved, then somebody
00:12:30.460 can see it, that somebody can get access to it. The next thing you know, they're fishing into your
00:12:33.480 accounts and money's leaving because you didn't protect yourself. You can use different apps to help
00:12:37.520 you with that. Number seven is keep your eyes on your kid's technology. Go home and talk to your dad.
00:12:44.700 What do you use? Grandpa. What do you use? Mom, husband, wife, kids, everybody. And last
00:12:50.360 but not least, if you are attacked, cyberattacked, whatever happens to you, somebody is using your
00:12:56.620 technology, contact local authorities, whether it's the cops, the FTC, Federal Trade Commission,
00:13:02.160 and FBI. I've dealt with all three organizations, and I highly recommend you going straight to it.
00:13:06.860 The reason why many times people don't is for the following reason. Many times they don't
00:13:11.600 because a person comes back and says, listen, bro, listen, dude, you pay me $500, I'll give
00:13:16.620 the password back to you, and people give it back, and it's over with. That person needs
00:13:20.600 to be reported so they can't do that to the next person, and the next person, and the next
00:13:24.120 person. So there are fewer victims, but many times people don't report them. I'm recommending
00:13:28.700 you report them to FTC, FBI, and the cops so they don't do it to the next person because
00:13:32.440 it continuously keeps happening. Thanks, everybody, for listening. And by the way,
00:13:36.140 if you haven't already subscribed to Valuetainment on iTunes, please do so. Give us a five-star,
00:13:41.620 write a review if you haven't already, and if you have any questions for me that you may have,
00:13:45.420 you can always find me on Snapchat, Instagram, Facebook, or YouTube. Just search my name,
00:13:50.100 PatrickBitDavid, and I actually do respond back when you snap me or send me a message on Instagram.
00:13:55.960 With that being said, have a great day today. Take care, everybody. Bye-bye.