Protect yourself: tips from 4 Austin web warriors on avoiding cyber attacks

by Kelly O'Halloran
October 26, 2016

On Friday, October 21, major sites like Twitter, Reddit, Airbnb, Netflix and Etsy experienced mass outages across the U.S. and in Europe during three wide-spread cyber attacks on Dyn, a popular DNS service provider. 

While the FBI continues to investigate who is responsible for the Distributed Denial of Service (DDoS) on Dyn, we caught up with four Austin internet protectors on what they protect against and what you can do to mitigate risks of personal hackings. 


Responses provided by Liz Kintzele, VP of Sales and director of marketing

What does Golden Frog protect against, and from whom?

Golden Frog offers a personal VPN product, VyprVPN. A VPN encrypts your internet connection to secure it, offering a high level of online privacy and security.
VyprVPN protects users against the prying eyes of internet service providers (ISPs), third party websites and applications, and hackers and snoops. We even protect users against government surveillance!

What have been a few of the big wins? 

Something we're very proud of is being able to offer a tool that enables people to increase online privacy. Websites, applications and even the government engage in many invasive practices, so it's a "win" for us to give people control over their online privacy. We're proud to offer a service to users around the globe, and secure connections at home and while using unsecured networks on-the-go.
In addition to offering privacy and security, VPNs also bypass censorship and internet restrictions. One of our biggest wins is being able to defeat censorship in China, and allowing users to access a free and open internet from within the country. We're even able to defeat VPN blocking performed by the Chinese government, which is a major win since most other VPN providers cannot accomplish this.

What advice do you have for the common folk in securing against cyber attacks?

The first step in protecting yourself online is to be aware of the risks and privacy threats that exist in today's technological world. Once you're aware of the risks, it's easier to take appropriate measures to protect your privacy.
A very basic step we recommend is using HTTPS for every site you visit, which indicates your connection to that site is secure. We recommend you do not connect to unsecured Wi-Fi networks (for example, networks found in coffee shops), and that you read privacy policies to understand how your information is being used. Of course, we also recommend using a VPN every time you connect — it's a quick and easy way to keep your personal information and data private and secured! 

Responses provided by Laura Stich, commercial operations

What does Assured Enterprises protect against?

Assured Enterprises shifts the odds of cyber defense in a company’s favor and should be a key part of every company’s risk management program.  

We do this by providing TripleHelix℠, the most comprehensive cybersecurity assessment on the market, giving your company a CyberScore™ that reflects the overall health of a company’s cybersecurity posture, much like a FICO score.  

As part of that assessment, we incorporate our AssuredScanDKV™ application which identifies vulnerabilities no other scanning tool can or ever will. We then prioritize those vulnerabilities based on a customer’s unique requirements and provide the remediation path to correct them. We identify and help to eliminate the gaps in a company’s cyber defenses so that hackers can’t get in to steal its data and IP or disrupt its operations.

What have been a few of the big wins?

Assured generally does not disclose its customer wins specifically to avoid making them a target for any new cyber-attack. That being said, we have worked with a Global Fortune 100 electronics company and a US Top 100 Financial Services company, among others. In addition, some contracts, such as one we have with the U.S. Navy, are public and can be mentioned. Our software scanner has been certified for deployment on sensitive networks within the US Government.

What advice do you have for the common folk in securing against cyber-attacks?

If you’re talking about companies, our biggest piece of advice is to tell every company to get back to basics of cybersecurity and risk mitigation. Start with getting visibility into what risks are present today. Protecting and defending an organization is much more than a technical problems arising from IT. All areas of an organization need to be involved to understand the vulnerabilities faced by everyone and be able to mitigate the chances of a cyber attack through education, policies, response and recovery procedures, and, yes, technology products. 
For an individual, our key piece of advice, other than regular device backups, would be to remain vigilant and be on the lookout for evolving cyber threats. Phishing has become a growing source for cyber-attacks which could take out anything from an individual’s device to an entire corporate network. Ransomware, often entering by clicking on a phishing attack, is a growing concern.
Responses provided by Juliette Rizkallah, CMO

What does SailPoint protect against, and from whom? 

SailPoint gives enterprises the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis – securely and confidently – with our open identity platform.
We manage and protect identities – how users are identified within a company’s systems, and as a result, how users access those systems. Identity is the only thing that ties a user to his or her access within a company across all systems and all entry points.
In essence, identity answers the question “who has access to what” and “what can be done with that access.” Because of this, a company’s users are its best assets and also its worst threats. For company data to be secure and users to be productive, protecting those identities from exposure is everything. That’s what SailPoint does.

What have been a few of the big wins?

SailPoint's customers are among the world’s largest companies in virtually every industry, including: eight of the top banks, four of the top five healthcare providers, six of the top seven property and casualty insurance providers, and five of the top pharmaceutical companies.
We helped Weight Watchers migrate its on-premises databases and applications to the cloud, while also automating and streamlining security processes. Weight Watchers was able to drastically reduce the amount of time it took to complete processes like provisioning, onboarding and off-boarding, while also creating an automated audit trail.
Our solutions allowed Orrstown Bank to quickly automate their identity management processes for hundreds of users, all while keeping their sensitive information from being compromised. They've reduced the time it takes to certify access, automate their processes, mintage the risk of a data breach and prove it all to auditors.

What advice do you have for the common folk in securing against cyberattacks?

There are a lot of simple security best practices that many people ignore, but can be extremely effective in protecting against cyberattacks.
For starters, don’t ignore those software update notifications. While it may seem like a hassle, most software updates on computers and phones are there to fix serious security issues that you can’t see, but can make your information vulnerable.
You can also enable extra security measures like knowledge-based authentication, where you use more than just your password (like extra security questions or an access code texted to your cell phone) to access your accounts. Just make sure the answers to your secret questions are actually a secret that can’t be easily found out via social media, and don’t use your cell phone as a backup security measure if you don’t also keep it secure with a password.
Perhaps the most important way to protect yourself is with good password hygiene. Our Market Pulse Survey showed that as many as 65 percent of people use the same password across multiple sites, a huge password DON’T! Never use the same password for multiple sites, because when one site gets hacked, all of your accounts are vulnerable. Also, make sure your passwords are strong and long (at least 12 characters), and update them often.
Responses provided by Roark Pollock, SVP of marketing

What does your team protect against, and from who? 

Ziften provides client-to-cloud visibility and security. Specifically, Ziften deploys on user client devices, in data centers, and in the enterprise cloud, helping enterprise companies maintain continuous and look-back visibility, improve their overall security posture, and implement real-time threat detection and response.
The overall idea is to minimize the attack surface and quickly deal with unexpected threats that get through threat prevention measures.

What have been a few of the big wins?

Ziften customers span many different industries including financial services, healthcare, education, energy retail, manufacturing and government. Our largest customer to date has Ziften deployed protecting approximately 110,000 user devices and physical/virtual servers.

What advice do you have for the common folk in securing against cyber-attacks?

While there is no perfect cybersecurity approach, the most important step anyone can take is to educate themselves on the basic cybersecurity do’s and don’ts. This includes:
  • Always installing software and operating system security patches or updates,
  • Keeping anti-virus solutions up-to-date,
  • Using randomly generated or difficult passwords,
  • Not clicking on links in questionable emails, and
  • Not visiting questionable websites.
Images provided by companies.
Know a company we should cover? Send us a tip or tweet us@BuiltInAustin

Jobs from companies in this blog

Austin startup guides

Best Companies to Work for in Austin
Coolest Tech Offices in Austin
Best Perks at Austin Tech Companies
Women in Austin Tech