Cody Gredler

About Cody Gredler

Cody knows cyber security. As CSID’s Director of Marketing she has a keen understanding of what is going on both in the news and behind the scenes with the latest breaches, security threats and identity theft scams. Cody writes about the latest industry news, breaches, identity theft trends and often shares helpful security tips for both businesses and consumers.

Customer Alert: “GHOST” Vulnerability on Linux Systems

By | January 30th, 2015|Uncategorized|

Ghost VulnerabilityOn January 27, 2015, Qualys, Inc., the leading provider of cloud security and compliance solutions, announced that its security research team discovered a vulnerability in the Linux GNU C Library known as (glibc). This vulnerability, called “GHOST (CVE-2015-0235),” allows attackers to remotely take control of a system without having prior knowledge of system credentials. This exposure can be triggered by a buffer overflow in a system library that affects many, if not most, Linux distributions.

The recommended resolution for addressing the GHOST vulnerability is to apply the latest patches, which have been specifically developed to address this issue, distributed by your Linux vendor.

CSID customers should be assured that we have evaluated our systems for any exposure and patched our Linux servers in all environments, up to and including Production. We strongly recommend that our customers running Linux-based systems take the same proactive approach with respect to any and all machines that are potentially vulnerable to the GHOST vulnerability.

For more information, please visit the Qualys Security Advisory.

The Implications of Sharing Personal Data

By | January 28th, 2015|Uncategorized|

Data Privacy DayDid you know that privacy policies do not guarantee that your information will be kept private? Most companies use privacy policies to inform customers about how their personal information may be used, i.e. sold, shared, exchanged, not necessarily guaranteeing absolute confidentiality. In today’s increasingly digital world where exchanging personal information – your name, email address, home address, etc. – for access to websites, coupons and the like has become the norm. And, it can be difficult for consumers to understand the value of their personal information.

Today is the eighth annual Data Privacy Day, an international awareness effort spearheaded by the National Cyber Security Alliance (NCSA) that encourages all Internet users to consider the privacy implications of their online actions and motivate all companies to make privacy and data protection a greater priority. Since most consumers aren’t fully aware of the implications of sharing personal information, we’re taking a deeper look at what can happen when personal information is shared online.

Companies that collect don’t always protect
When you share personal information with a company online, that company is responsible for protecting your information. Even data that is seemingly harmless is extremely valuable to cyber criminals, like your email address or your mother’s maiden name for a password reset. When you share this valuable, personal information with a company online be sure to read the company’s privacy policy fine print in order to be certain that your information is not being shared publicly or with outside companies. In some instances, even reading the company’s fine print cannot keep your information safe. Millions were affected last year due to retail and medical data breaches, proving it difficult for companies to protect your data no matter how secure it may seem. Once cyber criminals have their hands on your personal information, you may be surprised at what they can do with it.

Cyber criminals patch together your digital profile
Bits and pieces of personal information stolen from companies can help cyber criminals patch together a complete picture of your digital identity. They can then use your digital identity to access more important information like your financial records from retail sites that have your credit card information stored. Many consumers leave a trail of personal information on the Internet, leading cyber criminals to steal your identity and your financial information.

How to make a difference during Data Privacy Day
Here are some tips on how you can increase your privacy online from the NCSA:

  • Think of your personal information like money – value it and protect it. You are often paying for “free” services with your personal information. Before you willingly provide your information to a service, make sure it is a business you trust to handle your information with care.
  • Manage your browser cookies to maximize your privacy and prevent unwanted tracking.
  • Demand that businesses be honest about how they collect, use and share personal information.
  • Be cautious about who you “friend” and communicate with online.

Join the Data Privacy Day conversations online by using the hashtag #DPD15! And, let us know what you think on Facebook, Twitter or LinkedIn.

President Obama Previews State of the Union Address with Emphasis on Cybersecurity

By | January 18th, 2015|Uncategorized|

Cyber SecurityCybersecurity took center stage this week as President Obama previewed plans focused on increasing online security, electronic privacy and the prevention of identity theft for the American people.

Byron Tau and Elizabeth Dwoskin of the Wall Street Journal shared that on Monday, Obama visited the Federal Trade Commission to discuss new cyber security initiatives that will safeguard consumer and student data. The President stated, “If we’re going to be connected, then we need to be protected.” He also introduced proposals that outline corporate responsibilities in the event of a data breach, and a Consumer Privacy Bill of Rights, that would “give consumers more control over what personal data companies collect about them and force companies to be more transparent about what they do with it.” According to USA TODAY, another proposal, the Student Data Privacy Act, would “forbid companies from harvesting student data for commercial purposes.”

David Jackson of USA TODAY detailed that on Tuesday, the President met with members of Congress to propose measures to bolster cybersecurity. He also traveled to the National Cybersecurity and Communications Integration Center to discuss its work to protect Internet communications. Obama spoke on “efforts to increase voluntary cybersecurity information sharing between the sector and the government while protecting privacy and civil liberties.” According to a White House Press Release, this week’s announcements included legislative proposals on Enabling Cybersecurity Information Sharing, Modernizing Law Enforcement Authorities to Combat Cyber Crime and National Data Breach Reporting.

According to an article from CNBC, when asked why he decided to preview the plans this week, Obama said “I didn’t want to wait for the State of the Union to talk about all the things that make this country great and how we can make it better, so I thought I’d get started this week. I figured, why wait? It’s like opening your Christmas presents a little early.”

Do you think cybersecurity deserves to be an area of emphasis for this year’s State of the Union Address? Let us know what you think on Facebook, Twitter or LinkedIn and be sure to keep up with our Tumblr for up-to-date security news stories.

Loyalty Rewards Programs: A New Cybercrime?

By | November 13th, 2014|Uncategorized|

Rewards PointsCyber criminals are getting creative. We constantly hear about hackers stealing credit card numbers and even Twitter handles. Now, they have also added your loyalty rewards points to their list.

Brian Krebs wrote an excellent article highlighting a few of interesting cases where victims had rewards points stolen.

One victim reported that he had about 250,000 Hilton Honors points stolen from his account. These points were used to reserve a number of Hilton hotel rooms, and then the criminals continued to purchase additional points with the corporate credit card associated with the account.

Experts are also starting to see rewards points being sold in the online black market for a fraction of their worth. For instance, a hacker might sell points worth $1,200 in hotel reservations for $12.

So what does this mean for you? It is unlikely that stolen rewards points are going to overtake trends like mobile malware or medical identity theft as the “next big thing” to worry about. That said, we always recommend keeping up-to-date with the latest security trends and being proactive about protecting your identity and online accounts.

Some proactive actions you can take now:

  • Keep an eye on your bank accounts and credit reports as usual. Stolen rewards points may actually be one small piece of a larger puzzle when it comes to identity theft.
  • Avoid saving credit card information on websites with rewards programs, such as your favorite hotel, airline or retail site.
  • Use a secure, unique password for loyalty program sites. Don’t reuse passwords.
  • As a retailer or company that offers reward points, institute a CAPTCHA system to protect against hacking bots and scripts.

What are your thoughts on stolen rewards points? Is this something that concerns you? As always, join the conversation on Twitter, Facebook or LinkedIn.

Customer Alert: Heartbleed SSL Vulnerability

By | April 9th, 2014|Uncategorized|

heartbleedOn the morning of April 8, 2014, the OpenSSL community revealed a security vulnerability in recent versions of the OpenSSL software. Dubbed Heartbleed, the vulnerability poses a serious security concern because cyber criminals could exploit the vulnerability to expose site users’ Personally Identifiable Information (PII).

What does this mean, exactly?

OpenSSL is an open-source encryption technology used by a approximately 75% of web servers. This technology safeguards site visitors who are sharing PII and financial information to make a transaction. Sites that employ OpenSSL are typically indicated with a lock icon and live at an HTTPS address. In other words, an OpenSLL site may be at the core of your business, and you probably use sites that incorporate this technology daily.

How do I mitigate risk?

The only way for businesses to avoid Heartbleed is to upgrade their site with the latest, patched version of the OpenSSL software, which addresses the vulnerability.

CSID customers should be assured that CSID has done this to its servers, and strongly recommends that they take the same action and immediately renew their SSL Certificates used with CSID services. As an additional security precaution and due to the breadth of this vulnerability, CSID joins other security professionals in recommending that businesses patch any instances of OpenSSL in their environments, and renew any SSL certificates immediately.

Further details surrounding the Heartbleed vulnerability and its disclosure can be found here.

News Recap: Pew Research Center Finds Most Internet Users Want Online Privacy

By | September 9th, 2013|Uncategorized|

news_recap_090913The Pew Research Center recently released research that revealed 86 percent of 792 U.S. Internet users polled have taken steps to mask their digital footprints. From July 11 to 14, the Princeton Survey Research Associates polled people via phone interviews.

One of the report’s authors and a faculty member at Carnegie Mellon University, Sara Kiesler, was surprised at the results: “Our team’s biggest surprise was discovering that many Internet users have tried to conceal their identity or their communications from others,” she said.

The study also found that “a full 50 percent of Internet users surveyed say they’re concerned about the growing amount of personal information revealed about them online,” reported Lance Whitney on CNET. They’re worried about online information “including photos, videos, email addresses, birth dates, phone numbers, home addresses, and groups to which they belong. The 50 percent cited in the poll is a jump from just 30 percent in 2009.”

Despite wanting more privacy online, only 37 percent of those polled believe that complete anonymity can ever be achieved, Brian Fung wrote in the Washington Post

“Users clearly want the option of being anonymous online and increasingly worry that this is not possible,” said Lee Rainie, Director of the Pew Research Center’s Internet Project. “Their concerns apply to an entire ecosystem of surveillance. In fact, they are more intent on trying to mask their personal information from hackers, advertisers, friends and family members than they are trying to avoid observation by the government.”

Why do the majority of Internet users think complete anonymity online is impossible? Do you agree with them? How can people and businesses protect themselves online?  Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

August Recap: Full Steam Ahead

By | September 4th, 2013|Uncategorized|

It’s easy to lose steam in August – but here at CSID, we were full steam ahead. We announced the date and panelist lineup for our upcoming webinar, participated in the SXSW 2014 Panel Picker and even had time to squeeze in a fun Frat Games Day for our Austin office. Take a look at what we’ve been up to this past month. 

Reputation Management Webinar Announced

In September, we will be holding a cyberSAFE webinar on “Managing Online Reputation.” This August, we announced our brilliant panelists, including reputation expert Parry Aftab, Executive Director of Wired Safety; HR Consultant and Writer at Blogging4Jobs, Jessica Miller-Merrell; Professor of Law at Washington University St. Louis, Neil Richards; and CSID’s own Bryan Hjelm, VP of Product and Marketing. The free webinar will be held on September 24 at 12 PM CST. Reserve your spot now! 

Vote for CSID to Speak at SXSW 2014

The SXSW 2014 Panel Picker opened mid-August, allowing the public to vote for their favorite panel submissions on a variety of topics. We submitted three topics for consideration and were thrilled to see them appear on the SXSW 2014 Panel Picker. Take a look at our topics and vote by Friday, September 6th:

  1. When Good Technology Goes Bad: Mobile Technology – see CSID’s CIO Adam Tyler hack a $20 router into a mobile attack platform while discussing emergent threats in mobile technology. Vote here
  2. Growing Up Unprotected: Child ID Theft – CSID’s Bryan Hjelm and LookOut Social’s Clay Nichols will explore why child identity theft is on the rise, how crime affects children and families and ways to mitigate the risks of child identity theft. Vote here
  3. That Was The Old Me: Managing Online Reputation – find out the best reputation management techniques for employees and businesses to keep your personal, professional and business reputation in tact, and secure. Vote here

More from Joe Ross on Huffington Post

CSID President Joe Ross contributed a couple more pieces to the Huffington Post, including “Three Tips for Security Your Business’s Passwords” and “How to Prevent Child Identity Theft Part One: How Parents Can Help.” Take a look and let us know if you have additional tips to share or questions for Joe.

ProfilesinPowerLuncheonCFO Amanda Nevins nominated for Austin Business Journal’s Profiles in Power

Our Chief Financial Officer, Amanda Nevins, was recognized in the Austin Business Journal as a nominee for Profiles in Power. The Austin Business Journal recognizes women of distinction in top management positions for a Profile in Power award. CSID attended the Profiles in Power luncheon to show support for Amanda’s outstanding recognition.

Frat Games Day

In true CSID fashion, our Austin office spent an afternoon dressed in polos and bright neon shirts for our Frat Games Day. For a little bit of team bonding, we played fraternity team games, like foosball and beer pong. You can take a look at our Frat Games Day photo album on Facebook

What We’re Looking Forward to in September – Reputation Management Webinar

We’re hosting a free webinar in September that hones in on reputation management. We would love for you to join us on September 24 at 12 PM CST to discuss the challenges that businesses face today when it comes to managing their employee and business reputations and security. You can find more information about the webinar here, or let us know if you have any questions or comments on Facebook, Twitter or LinkedInReserve your spot now! 

SXSW 2014 Panel Picker – When Good Technology Goes Bad: Mobile Technology

By | August 29th, 2013|Uncategorized|

PanelPicker_Vote_14v2It doesn’t take much for a hacker to create an attack platform that is capable of stealing hundreds of thousands of dollars worth of data. In fact, all it takes is a $20 router, less than an hour and little technical expertise. CSID’s Chief Innovation Officer Adam Tyler wants to show you how alarmingly easy it is to turn an inexpensive, widely available technology into a device that can threaten individuals and businesses by demoing this process at SXSW Interactive 2014. If selected, Adam will discuss how these inexpensive, but powerful technologies have made it easier than ever to inject malware to steal data from mobile devices. He’ll share tips on how to keep your mobile device safe from malware and address how we can protect against mobile threats in the future.

Before Adam can present this demonstration, we need your help voting for this interactive panel. This topic, When Good Technology Goes Bad: Mobile Technology, is part of SXSW’s Panel Picker, through which the public can vote for their favorite panel to be presented at next year’s SXSW Interactive conference.

If you’re interested in seeing Adam turn a $20 router into a malicious machine, and learning how to protect your mobile devices, please vote for our panel here.

CSID has additional Panel Picker submissions that could use your support, “Growing Up Unprotected: Child ID Theft” and “That Was the Old Me: Managing Online Reputation.” Excited about the topics or have questions? Leave your thoughts directly on the voting page, or get in touch with us via Twitter and Facebook.

Voting ends September 6th so be sure to vote for your favorite panels before then!

Upcoming cyberSAFE Webinar: Managing Online Reputation

By | August 28th, 2013|Uncategorized|

CS_BlogPost_Image_OnlineReputation-09Professionals and businesses are becoming more dependent on the digital world, and managing our online reputations is an increasingly important and complex task. What you put online can impact everything from hiring decisions and employment, to a company’s reputation and security.

Recognizing the importance of this topic, we’re hosting a webinar in which experts will discuss online reputation management for businesses and their employees. Experts from a variety of perspectives will analyze the risks job seekers, employees and enterprises face when it comes to digital reputation management, and provide solutions to keep your online reputation safe. We will address:

  • How employers are utilizing social media channels to make employment decisions and monitor employee and business activity
  • The legal and privacy implications of this practice
  • How the information an employee shares online can put themselves and their employer at risk for identity and data theft
  • How an employee’s online reputation can affect their employer’s brand
  • Best practices for managing an online reputation
  • The opportunities that exist for businesses to address reputation management needs

Save a spot on your calendar, or go ahead and register here.  

Webinar: Managing Online Reputation in a Digital World
When: Tuesday, September 24, 2013 at 12 PM CDT
Cost: Free
Register: Click here
Speakers:
Bryan Hjelm, VP of Product and Marketing, CSID
Parry Aftab, Executive Director, Wired Safety
Jessica Miller-Merrell, HR Consultant and Writer, Blogging4Jobs
Neil Richards, Professor of Law, Washington University at St. Louis

This webinar is a part of CSID’s cyberSAFE Series. To learn more, see upcoming webinars or watch past webinars, visit the CSID webinars page. To suggest a webinar topic, inquire about participating in a webinar, or any other questions, contact CSID at csid@ink-pr.com

SXSW 2014 Panel Picker – That Was The Old Me: Managing Online Reputation

By | August 27th, 2013|Uncategorized|

PanelPicker_Vote_14v291% of hiring managers screen the social media profiles of job candidates they are considering for hire. One in 10 job candidates have been denied a job opportunity due to a negative online reputation. Why? Companies are concerned with their employees’ online reputations now more than ever, as the actions their employees take online can impact their business’ reputation and security.  While it seems that employees and businesses are going head to head with regards to online reputation, they can – and should – be on the same team. And we want to help get them there.

That’s why, for SXSW Interactive 2014 we’ve proposed a dual panel on this topic – That Was The Old Me: Managing Online Reputation – with CSID’s Bryan Hjelm and reputation management specialist Parry Aftab. If selected, Bryan and Parry will explore reputation management techniques and best practices for employees and businesses, as well as the privacy and legal implications of keeping tabs on an employee’s online activities. We’re looking forward to shining a light on this topic, as it is critical for all types of professionals – from the entry-level employee through the highest executive.

But we need your help! Our panel is a part of SXSW’s Panel Picker, through which the public can vote for their favorite panel submissions to be presented at next year’s SXSW Interactive conference.

Interested in hearing how to keep your online reputation in check? Vote for our panel here.

CSID has additional Panel Picker submissions that could use your support, “Growing Up Unprotected: Child ID Theft” and “When Good Technology Goes Bad: Mobile Technology.” Excited about the topics or have questions? Leave your thoughts directly on the voting page, or get in touch with us via Twitter and Facebook.

Voting ends September 6th so be sure to vote for your favorite panels before then!

Load More Posts